This document summarizes research on parsing XML files to enable secure mobile commerce transactions. It discusses how parsing XML reduces its size, allowing data to be transmitted more quickly and securely during mobile transactions. The document reviews different XML parsing techniques, including DOM and SAX parsers. It also analyzes how different mobile operating systems, such as Android, Apple iOS, and Symbian, handle XML parsing. The goal of the research is to develop an efficient XML parsing method using J2ME to provide stronger security for mobile commerce transactions by reducing transmission delays and errors.
Rapid increases in information technology also changed the existing markets and transformed them into emarkets
(e-commerce) from physical markets. Equally with the e-commerce evolution, enterprises have to
recover a safer approach for implementing E-commerce and maintaining its logical security. SOA is one of
the best techniques to fulfill these requirements. SOA holds the vantage of being easy to use, flexible, and
recyclable. With the advantages, SOA is also endowed with ease for message tampering and unauthorized
access. This causes the security technology implementation of E-commerce very difficult at other
engineering sciences. This paper discusses the importance of using SOA in E-commerce and identifies the
flaws in the existing security analysis of E-commerce platforms. On the foundation of identifying defects,
this editorial also suggested an implementation design of the logical security framework for SOA supported
E-commerce system.
XML is expected to facilitate Internet B2B messaging because of its simplicity and flexibility. One big concern that customer may have in doing Internet B2B messaging is security. Therefore considering some security features in XML such as element-wise encryption, access control and digital signature that are beyond the capability of the transport-level security protocol such as SSL is of interest. We describe element-wise encryption of XML documents by performing some cryptographic transformations on it. For this reason, XSLT (Extensible Stylesheet Language Transformations) may well have sufficient functionality to perform all reasonable cryptographic transformations.
In this paper we implement element wise encryption operation in the document using XSLT. Extension functions of XSLT are made use to enhance the abilities of XSLT to include the encryption and decryption functions.
Design and implementation of a privacy preserved off premises cloud storagesarfraznawaz
Despite several cost-effective and flexible characteristics of cloud computing, some clients are reluctant to adopt this paradigm due to emerging security and privacy concerns. Organization such as Healthcare and Payment Card Industry where confidentiality of information is a vital act, are not assertive to trust the security techniques and privacy policies offered by cloud service providers. Malicious attackers have violated the cloud storages to steal, view, manipulate and tamper client's data. Attacks on cloud storages are extremely challenging to detect and mitigate. In order to formulate privacy preserved cloud storage, in this research paper, we propose an improved technique that consists of five contributions such as Resilient role-based access control mechanism, Partial homomorphic cryptography, metadata generation and sound steganography, Efficient third-party auditing service, Data backup and recovery process. We implemented these components using Java Enterprise Edition with Glassfish Server. Finally we evaluated our proposed technique by penetration testing and the results showed that client’s data is intact and protected from malicious attackers.
Distributed and Typed Role-based Access Control Mechanisms Driven by CRUD Exp...ijcsta
Business logics of relational databases applications are an important source of security violations, namely in respect
to access control. The situation is particularly critical when access control policies are many and complex. In these
cases, programmers of business logics can hardly master the established access control policies. Now we consider
situations where business logics are built with tools such as JDBC and ODBC. These tools convey two sources of
security threats: 1) the use of unauthorized Create, Read, Update and Delete (CRUD) expressions and also 2) the
modification of data previously retrieved by Select statements. To overcome this security gap when Role-based
access control policies are used, we propose an extension to the basic model in order to control the two sources
of security threats. Finally, we present a software architectural model from which distributed and typed RBAC
mechanisms are automatically built, this way relieving programmers from mastering any security schema. We
demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.
In this research, we have focused on the most challenging issue that Web Services face, i.e. how to secure their information. Web Services security could be guaranteed by employing security standards, which is the main focus of this search. Every suggested model related to security design should put in the account the securities' objectives; integrity, confidentiality, non- repudiation, authentication, and authorization. The proposed model describes SOAP messages and the way to secure their contents. Due to the reason that SOAP message is the core of the exchanging information in Web Services, this research has developed a security model needed to ensure e-business security. The essence of our model depends on XML encryption and XML signature to encrypt and sign SOAP message. The proposed model looks forward to achieve a high speed of transaction and a strong level of security without jeopardizing the performance of transmission information.
Rapid increases in information technology also changed the existing markets and transformed them into emarkets
(e-commerce) from physical markets. Equally with the e-commerce evolution, enterprises have to
recover a safer approach for implementing E-commerce and maintaining its logical security. SOA is one of
the best techniques to fulfill these requirements. SOA holds the vantage of being easy to use, flexible, and
recyclable. With the advantages, SOA is also endowed with ease for message tampering and unauthorized
access. This causes the security technology implementation of E-commerce very difficult at other
engineering sciences. This paper discusses the importance of using SOA in E-commerce and identifies the
flaws in the existing security analysis of E-commerce platforms. On the foundation of identifying defects,
this editorial also suggested an implementation design of the logical security framework for SOA supported
E-commerce system.
XML is expected to facilitate Internet B2B messaging because of its simplicity and flexibility. One big concern that customer may have in doing Internet B2B messaging is security. Therefore considering some security features in XML such as element-wise encryption, access control and digital signature that are beyond the capability of the transport-level security protocol such as SSL is of interest. We describe element-wise encryption of XML documents by performing some cryptographic transformations on it. For this reason, XSLT (Extensible Stylesheet Language Transformations) may well have sufficient functionality to perform all reasonable cryptographic transformations.
In this paper we implement element wise encryption operation in the document using XSLT. Extension functions of XSLT are made use to enhance the abilities of XSLT to include the encryption and decryption functions.
Design and implementation of a privacy preserved off premises cloud storagesarfraznawaz
Despite several cost-effective and flexible characteristics of cloud computing, some clients are reluctant to adopt this paradigm due to emerging security and privacy concerns. Organization such as Healthcare and Payment Card Industry where confidentiality of information is a vital act, are not assertive to trust the security techniques and privacy policies offered by cloud service providers. Malicious attackers have violated the cloud storages to steal, view, manipulate and tamper client's data. Attacks on cloud storages are extremely challenging to detect and mitigate. In order to formulate privacy preserved cloud storage, in this research paper, we propose an improved technique that consists of five contributions such as Resilient role-based access control mechanism, Partial homomorphic cryptography, metadata generation and sound steganography, Efficient third-party auditing service, Data backup and recovery process. We implemented these components using Java Enterprise Edition with Glassfish Server. Finally we evaluated our proposed technique by penetration testing and the results showed that client’s data is intact and protected from malicious attackers.
Distributed and Typed Role-based Access Control Mechanisms Driven by CRUD Exp...ijcsta
Business logics of relational databases applications are an important source of security violations, namely in respect
to access control. The situation is particularly critical when access control policies are many and complex. In these
cases, programmers of business logics can hardly master the established access control policies. Now we consider
situations where business logics are built with tools such as JDBC and ODBC. These tools convey two sources of
security threats: 1) the use of unauthorized Create, Read, Update and Delete (CRUD) expressions and also 2) the
modification of data previously retrieved by Select statements. To overcome this security gap when Role-based
access control policies are used, we propose an extension to the basic model in order to control the two sources
of security threats. Finally, we present a software architectural model from which distributed and typed RBAC
mechanisms are automatically built, this way relieving programmers from mastering any security schema. We
demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.
In this research, we have focused on the most challenging issue that Web Services face, i.e. how to secure their information. Web Services security could be guaranteed by employing security standards, which is the main focus of this search. Every suggested model related to security design should put in the account the securities' objectives; integrity, confidentiality, non- repudiation, authentication, and authorization. The proposed model describes SOAP messages and the way to secure their contents. Due to the reason that SOAP message is the core of the exchanging information in Web Services, this research has developed a security model needed to ensure e-business security. The essence of our model depends on XML encryption and XML signature to encrypt and sign SOAP message. The proposed model looks forward to achieve a high speed of transaction and a strong level of security without jeopardizing the performance of transmission information.
SECURE DESCARTES: A SECURITY EXTENSION TO DESCARTES SPECIFICATION LANGUAGEijseajournal
With increase in demand for the security aspects of software, every phase of the Software Development Life Cycle (SDLC) is experiencing major changes with respect to security. Security designers, developers, and testers are keen on improving various security aspects of a system. Specification of security requirements propagates to different phases of an SDLC and there exist different techniques and methodologies to specify security requirements. Business level security requirements are specified using policy specification languages. The current literature has specification languages that are domain based, web based, network based, syntax based, semantics based, predicate based, and protocol based. In this research effort, a
generic secure policy prototype and components of the generic secure policy were defined using formal methods. The Descartes specification language, a formal executable specification language, has been developed to specify software systems. The development of a secure policy framework along with extended constructs of the Descartes specification language for specifying secure policies are some of the deliverables of this research effort. Concepts of secure policies were adopted from the SPromela, Ponder, and REI methodologies for secure policy specification, analysis, and design.
DATA SECURITY IN MOBILE DEVICES BY GEO LOCKINGIJNSA Journal
In this paper we present a way of hiding the data in mobile devices from being compromised. We use two level data hiding technique, where in its first level data is encrypted and stored in special records and the second level being a typical password protection scheme. The second level is for secure access of information from the device. In the first level, encryption of the data is done using the location coordinates as key. Location Coordinates are rounded up figures of longitude and latitude information. In the second phase the password entry differs from conventional schemes. Here we have used the patterns of traditional Rangoli for specifying the password and gaining access, thus minimising the chances of data leak in hostile situations. The proposed structure would be a better trade off in comparison with the previous models which use Bio Metric authentication – a relatively costly way of
authentication.
A Novel Information Accountability Framework for Cloud ComputingIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
File sharing becomes popular in social networking and the disclosure of private information without user’s consent can be found easily. Password management becomes increasingly necessary for maintaining privacy policy. Monitoring of violations of a privacy policy is needed to support the confidentiality of information security. This paper extends the analysis of two category confidentiality model to N categories, and illustrates how to use it to monitor the security state transitions in the information security privacy modeling.
Designing A Logical Security Framework for E-Commerce System Based on SOA ijsc
Rapid increases in information technology also changed the existing markets and transformed them into emarkets (e-commerce) from physical markets. Equally with the e-commerce evolution, enterprises have to recover a safer approach for implementing E-commerce and maintaining its logical security. SOA is one of the best techniques to fulfill these requirements. SOA holds the vantage of being easy to use, flexible, and recyclable. With the advantages, SOA is also endowed with ease for message tampering and unauthorized access. This causes the security technology implementation of E-commerce very difficult at other engineering sciences. This paper discusses the importance of using SOA in E-commerce and identifies the flaws in the existing security analysis of E-commerce platforms. On the foundation of identifying defects, this editorial also suggested an implementation design of the logical security framework for SOA supported E-commerce system.
Download Complete Material - https://www.instamojo.com/prashanth_ns/
Course Outline...
• Identify the need for XML as a standard data interchange format
• Identify the structure of XML documents
• Create an XML schema
• Declare attributes in an XML schema
• Identify the need for XML namespaces
• Reuse XML schema components
• Create groups of elements and attributes in an XML schema
• Transform an XML document through a Cascading Style Sheet
• Transform an XML document through Extensible Style Sheet Language
• Perform conditional formatting
• Use XPath pattern
• Present data in different formats
• Identify the XML Document Object Model
• Validate an XML document against an XML schema using the Document Object Model
• Apply a Style Sheet to an XML document
Investigating Soap and Xml Technologies in Web Service ijsc
In this paper, Investigating SOAP and XML technologies in web service is studied. The reason for using XML technology to transmit data and also the need for application of existing communicative structure in SOAP technology in web pages with WSDL technology are investigated uniquely. And also the need for searchable address giving for web service which is available in UDDI technology and the advantages of using it are explained for programmers.
INVESTIGATING SOAP AND XML TECHNOLOGIES IN WEB SERVICEijsc
In this paper, Investigating SOAP and XML technologies in web service is studied. The reason for using
XML technology to transmit data and also the need for application of existing communicative structure in
SOAP technology in web pages with WSDL technology are investigated uniquely. And also the need for
searchable address giving for web service which is available in UDDI technology and the advantages of
using it are explained for programmers.
XML Encryption and Signature for Securing Web ServicesCSEIJJournal
In this research, we have focused on the most challenging issue that Web Services face, i.e. how to secure
their information. Web Services security could be guaranteed by employing security standards, which is the
main focus of this search. Every suggested model related to security design should put in the account the
securities' objectives; integrity, confidentiality, non- repudiation, authentication, and authorization. The
proposed model describes SOAP messages and the way to secure their contents. Due to the reason that
SOAP message is the core of the exchanging information in Web Services, this research has developed a
security model needed to ensure e-business security. The essence of our model depends on XML encryption
and XML signature to encrypt and sign SOAP message. The proposed model looks forward to achieve a
high speed of transaction and a strong level of security without jeopardizing the performance of
transmission information.
XML ENCRYPTION AND SIGNATURE FOR SECURING WEB SERVICESijcsit
In this research, we have focused on the most challenging issue that Web Services face, i.e. how to secure their information. Web Services security could be guaranteed by employing security standards, which is the main focus of this search. Every suggested model related to security design should put in the account the securities' objectives; integrity, confidentiality, non- repudiation, authentication, and authorization. The proposed model describes SOAP messages and the way to secure their contents. Due to the reason that SOAP message is the core of the exchanging information in Web Services, this research has developed a security model needed to ensure e-business security. The essence of our model depends on XML encryption
and XML signature to encrypt and sign SOAP message. The proposed model looks forward to achieve a high speed of transaction and a strong level of security without jeopardizing the performance of transmission information.
Secure File SharingSecure File Sharing Using Access Contro.docxjeffreye3
Secure File Sharing
Secure File Sharing Using Access Control Raviprakash Ganji
Computer Security
Project: Secure File Sharing Using Access Control
Name: Raviprakash Ganji
Institution: New England College.
Abstract
Presently these day's sharing imperative documents are exceptionally unsafe. So, we have made a half and half answer for document stockpiling on the cloud. This is a propelled framework where User can choose a document from his telephone and enter a key for that record. For Uploading the File is broken in 2 separate chunks and these pieces are encoded by AES and DES calculation individually and after that, they have put away on the cloud server side. At that point client, 1 chooses another client with whom he will share the document to. Client 2 gets an SMS with Encrypted key. We will utilize Blowfish calculation for key Encryption. Client 2 will login into the application utilizing his accreditations. On the Home page, he can see every one of the documents shared to him. At the point when client endeavors to get to them, the application will check for the SMS automatically, and whenever scrambled SMS from the User 1 was discovered, Application will begin the unscrambling procedure. For decoding both the encoded records are unscrambled one by one and afterward combined.
Secure File Sharing: Presentation Cloud storage framework system have been the source of captivation for the online clients to have simple access any place and whenever clients need. Numerous online specialist organizations have succeeded to serve the individual clients, industrialists just as the businessmen to have their information on cloud with dependability and security. The quantities of versatile users who need to utilize the assets or administrations in a haste with the assistance of their cell or mobile phones from cloud-based frameworks are quickly expanding. This way toward using the cloud assets for capacity and progress of information by multipurpose users is a testing task. The cloud environment given by the online providers co-ops can be in the sort of open, private or crossover cloud. The cloud client chooses the kind of cloud condition dependent on the clients' choice to security or introduction arrangement. Numerous IT giants are utilizing the cloud administrations to decrease the on premises the cost which is more prominent than they accommodate the online specialist organizations. The cloud framework given by various sellers shows the multiplicity as for execution and estimating. The plan strategies are differed to accomplish focused outcomes as far as proficient administration, decreased cost, verified information stockpiling. The general advantages of the cloud framework are simple sharing, matching up, off webpage information st.
SECURE DESCARTES: A SECURITY EXTENSION TO DESCARTES SPECIFICATION LANGUAGEijseajournal
With increase in demand for the security aspects of software, every phase of the Software Development Life Cycle (SDLC) is experiencing major changes with respect to security. Security designers, developers, and testers are keen on improving various security aspects of a system. Specification of security requirements propagates to different phases of an SDLC and there exist different techniques and methodologies to specify security requirements. Business level security requirements are specified using policy specification languages. The current literature has specification languages that are domain based, web based, network based, syntax based, semantics based, predicate based, and protocol based. In this research effort, a
generic secure policy prototype and components of the generic secure policy were defined using formal methods. The Descartes specification language, a formal executable specification language, has been developed to specify software systems. The development of a secure policy framework along with extended constructs of the Descartes specification language for specifying secure policies are some of the deliverables of this research effort. Concepts of secure policies were adopted from the SPromela, Ponder, and REI methodologies for secure policy specification, analysis, and design.
DATA SECURITY IN MOBILE DEVICES BY GEO LOCKINGIJNSA Journal
In this paper we present a way of hiding the data in mobile devices from being compromised. We use two level data hiding technique, where in its first level data is encrypted and stored in special records and the second level being a typical password protection scheme. The second level is for secure access of information from the device. In the first level, encryption of the data is done using the location coordinates as key. Location Coordinates are rounded up figures of longitude and latitude information. In the second phase the password entry differs from conventional schemes. Here we have used the patterns of traditional Rangoli for specifying the password and gaining access, thus minimising the chances of data leak in hostile situations. The proposed structure would be a better trade off in comparison with the previous models which use Bio Metric authentication – a relatively costly way of
authentication.
A Novel Information Accountability Framework for Cloud ComputingIJMER
International Journal of Modern Engineering Research (IJMER) is Peer reviewed, online Journal. It serves as an international archival forum of scholarly research related to engineering and science education.
File sharing becomes popular in social networking and the disclosure of private information without user’s consent can be found easily. Password management becomes increasingly necessary for maintaining privacy policy. Monitoring of violations of a privacy policy is needed to support the confidentiality of information security. This paper extends the analysis of two category confidentiality model to N categories, and illustrates how to use it to monitor the security state transitions in the information security privacy modeling.
Designing A Logical Security Framework for E-Commerce System Based on SOA ijsc
Rapid increases in information technology also changed the existing markets and transformed them into emarkets (e-commerce) from physical markets. Equally with the e-commerce evolution, enterprises have to recover a safer approach for implementing E-commerce and maintaining its logical security. SOA is one of the best techniques to fulfill these requirements. SOA holds the vantage of being easy to use, flexible, and recyclable. With the advantages, SOA is also endowed with ease for message tampering and unauthorized access. This causes the security technology implementation of E-commerce very difficult at other engineering sciences. This paper discusses the importance of using SOA in E-commerce and identifies the flaws in the existing security analysis of E-commerce platforms. On the foundation of identifying defects, this editorial also suggested an implementation design of the logical security framework for SOA supported E-commerce system.
Download Complete Material - https://www.instamojo.com/prashanth_ns/
Course Outline...
• Identify the need for XML as a standard data interchange format
• Identify the structure of XML documents
• Create an XML schema
• Declare attributes in an XML schema
• Identify the need for XML namespaces
• Reuse XML schema components
• Create groups of elements and attributes in an XML schema
• Transform an XML document through a Cascading Style Sheet
• Transform an XML document through Extensible Style Sheet Language
• Perform conditional formatting
• Use XPath pattern
• Present data in different formats
• Identify the XML Document Object Model
• Validate an XML document against an XML schema using the Document Object Model
• Apply a Style Sheet to an XML document
Investigating Soap and Xml Technologies in Web Service ijsc
In this paper, Investigating SOAP and XML technologies in web service is studied. The reason for using XML technology to transmit data and also the need for application of existing communicative structure in SOAP technology in web pages with WSDL technology are investigated uniquely. And also the need for searchable address giving for web service which is available in UDDI technology and the advantages of using it are explained for programmers.
INVESTIGATING SOAP AND XML TECHNOLOGIES IN WEB SERVICEijsc
In this paper, Investigating SOAP and XML technologies in web service is studied. The reason for using
XML technology to transmit data and also the need for application of existing communicative structure in
SOAP technology in web pages with WSDL technology are investigated uniquely. And also the need for
searchable address giving for web service which is available in UDDI technology and the advantages of
using it are explained for programmers.
XML Encryption and Signature for Securing Web ServicesCSEIJJournal
In this research, we have focused on the most challenging issue that Web Services face, i.e. how to secure
their information. Web Services security could be guaranteed by employing security standards, which is the
main focus of this search. Every suggested model related to security design should put in the account the
securities' objectives; integrity, confidentiality, non- repudiation, authentication, and authorization. The
proposed model describes SOAP messages and the way to secure their contents. Due to the reason that
SOAP message is the core of the exchanging information in Web Services, this research has developed a
security model needed to ensure e-business security. The essence of our model depends on XML encryption
and XML signature to encrypt and sign SOAP message. The proposed model looks forward to achieve a
high speed of transaction and a strong level of security without jeopardizing the performance of
transmission information.
XML ENCRYPTION AND SIGNATURE FOR SECURING WEB SERVICESijcsit
In this research, we have focused on the most challenging issue that Web Services face, i.e. how to secure their information. Web Services security could be guaranteed by employing security standards, which is the main focus of this search. Every suggested model related to security design should put in the account the securities' objectives; integrity, confidentiality, non- repudiation, authentication, and authorization. The proposed model describes SOAP messages and the way to secure their contents. Due to the reason that SOAP message is the core of the exchanging information in Web Services, this research has developed a security model needed to ensure e-business security. The essence of our model depends on XML encryption
and XML signature to encrypt and sign SOAP message. The proposed model looks forward to achieve a high speed of transaction and a strong level of security without jeopardizing the performance of transmission information.
Secure File SharingSecure File Sharing Using Access Contro.docxjeffreye3
Secure File Sharing
Secure File Sharing Using Access Control Raviprakash Ganji
Computer Security
Project: Secure File Sharing Using Access Control
Name: Raviprakash Ganji
Institution: New England College.
Abstract
Presently these day's sharing imperative documents are exceptionally unsafe. So, we have made a half and half answer for document stockpiling on the cloud. This is a propelled framework where User can choose a document from his telephone and enter a key for that record. For Uploading the File is broken in 2 separate chunks and these pieces are encoded by AES and DES calculation individually and after that, they have put away on the cloud server side. At that point client, 1 chooses another client with whom he will share the document to. Client 2 gets an SMS with Encrypted key. We will utilize Blowfish calculation for key Encryption. Client 2 will login into the application utilizing his accreditations. On the Home page, he can see every one of the documents shared to him. At the point when client endeavors to get to them, the application will check for the SMS automatically, and whenever scrambled SMS from the User 1 was discovered, Application will begin the unscrambling procedure. For decoding both the encoded records are unscrambled one by one and afterward combined.
Secure File Sharing: Presentation Cloud storage framework system have been the source of captivation for the online clients to have simple access any place and whenever clients need. Numerous online specialist organizations have succeeded to serve the individual clients, industrialists just as the businessmen to have their information on cloud with dependability and security. The quantities of versatile users who need to utilize the assets or administrations in a haste with the assistance of their cell or mobile phones from cloud-based frameworks are quickly expanding. This way toward using the cloud assets for capacity and progress of information by multipurpose users is a testing task. The cloud environment given by the online providers co-ops can be in the sort of open, private or crossover cloud. The cloud client chooses the kind of cloud condition dependent on the clients' choice to security or introduction arrangement. Numerous IT giants are utilizing the cloud administrations to decrease the on premises the cost which is more prominent than they accommodate the online specialist organizations. The cloud framework given by various sellers shows the multiplicity as for execution and estimating. The plan strategies are differed to accomplish focused outcomes as far as proficient administration, decreased cost, verified information stockpiling. The general advantages of the cloud framework are simple sharing, matching up, off webpage information st.
A novel cloud storage system with support of sensitive data applicationijmnct
Most users are willing to store their data in the c
loud storage system and use many facilities of clou
d. But
their sensitive data applications faces with potent
ial serious security threats. In this paper, securi
ty
requirements of sensitive data application in the c
loud are analyzed and improved structure for the ty
pical
cloud storage system architecture is proposed. The
hardware USB-Key is used in the proposed architectu
re
for purpose of enhancing security of user identity
and interaction security between the users and the
cloud
storage system. Moreover, drawn from the idea of da
ta active protection, a data security container is
introduced in the system to enhance the security of
the data transmission process; by encapsulating th
e
encrypted data, increasing appropriate access contr
ol and data management functions. The static data
blocks are replaced with a dynamic executable data
security container. Then, an enhanced security
architecture for software of cloud storage terminal
is proposed for more adaptation with the user's sp
ecific
requirements, and its functions and components can
be customizable. Moreover, the proposed architectur
e
have capability of detecting whether the execution
environment is according with the pre-defined
environment requirements.
D
ata validation is
becoming
more and more
important
w
ith the ever
-
growing amount of data being
consumed a
nd transmitted by systems over the Internet. It is important to ensure that the data being sent is
valid as
it
may cont
ain entry
errors, which
may be
consumed
by different systems
causing further errors
.
XML has become the defacto standard for data transfe
r. The XML Schema Definition language (XSD) was
created to help XML
structural
validation and provide a schema for data type restrictions, however it does
not allow for more complex
situations
. In this article we
introduce a way to provide rule based XML
v
alidation
and correction
through the extension
and improve
ment of our SRML metalanguage.
We also
explore the option of
applying it in
a database as a trig
ger for CRUD
operations
allowing
more granular
data
set
validation
on an ato
mic level
allow
ing
for more
com
plex
dataset record
validation rules
Implementation of Agent Based Dynamic Distributed ServiceCSCJournals
The concept of distributed computing implies a network / internet-work of independent nodes which are logically configured in such a manner as to be seen as one machine by an application. They have been implemented in many varying forms and configurations, for the optimal processing of data. Agents and multi-agent systems are useful in modeling complex distributed processes. They focus on support for (the development of) large-scale, secure, and heterogeneous distributed systems. They are expected to abstract both hardware and software vis-à-vis distributed systems. For optimizing the use of the tremendous increase in processing power, bandwidth, and memory that technology is placing in the hands of the designer, a Dynamically Distributed Service (to be positioned as a service to a network / internet-work) is proposed. The service will conceptually migrate an application on to different nodes. In this paper, we present the design and implementation of an inter-mobility (migration) mechanism for agents. This migration is based on FIPA ACL messages. We also evaluate the performance of this implementation.
Similar to Parsing of xml file to make secure transaction in mobile commerce (20)
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
PHP Frameworks: I want to break free (IPC Berlin 2024)
Parsing of xml file to make secure transaction in mobile commerce
1. International Journal on Computational Sciences & Applications (IJCSA) Vol.3, No.5 October 2013
PARSING OF XML FILE TO MAKE SECURE
TRANSACTION IN MOBILE COMMERCE
JyotiBatra Arora1 and Dr.Sushila Madan2
1
Research Scholar, BanasthalividyapeethUniversity,Rajsthan
2
Associate Professor, Lady Shri Ram College,New Delhi.
ABSTRACT
Mobile commerce M-Commerce is transaction using mobile devices. Now a day’s users are dependable on
mobile phone because of its anytime, anywhere features. User purchase and pay more with their mobile
device than desktop. Therefore, the security of M-commerce transaction should be strong enough to
enhance its performance. Mobile phones use WAP, i-mode and J2ME technologies for programming for
making transaction. The data during transaction is sent as XML file. The XML processor takes more time to
encrypt which leads to breakdown the security during transaction. This paper has defined the code to parse
XML file which reduces it size so that data during transaction would be sent with ease and fast. The code is
written in XML and J2ME as these technologies can easily run on multiple platform.
KEYWORDS : WAP,i-mode,J2ME,XML,Parser
1. INTRODUCTION
Mobile phones are emerging as ubiquitous technology in wireless environment. Ease of
availability, uniqueness, small size and anytime work allow the user to use mobile phones more
than desktop. Users take advantage of this aesthetic consideration. Mobile phones are using
Wireless Application Protocol (WAP), i-mode and J2ME as protocols of programming for
making transaction through mobile devices. WAP technology requires the network connection for
any kind of data processing. The request is encrypted in WTLS and decrypted as TLS data which
make encrypted data vulnerable. Yaun and Lung (2006) in their study proposed that applications
in J2ME offer more in terms of features and security than WAP. They have also explained that
for high level mobile security code one should look no further than J2ME applications. In imode, digital radio packets are sent between handset and radio towers are encoded via a
proprietary DoCoMo scheme. This information about this scheme is not available. Java platform
make users to develop portable code that can run on multiple platform. It has been designed to
strike a balance between portability and usability. J2ME with XML overcomes the problem of
Denial of Service and Non-repudiation attack. It parses the message to be sent to and by merchant
so that only authenticated user can access the data. This process avoids stealing of PIN. Parsing
of XML file with J2ME is done to provide more security during mobile transaction. This research
paper has a pragmatic approach to secure adoption model for M-Commerce for generic mobile
devices using J2ME with XML, where the parsing size of XML is reduced which makes secure
transactions by controlling the delay and error in mobile transactions.
2. FEATURES OF XML REQUIRED FOR PARSING
In this web centric world, systems are designed with HTML browser as the client. The client
functions as terminal and performs a very little of application processing. With the expansion of
wireless world the server vendor serves WML over WAP and HTML over HTTP. XML
DOI:10.5121/ijcsa.2013.3502
9
2. International Journal on Computational Sciences & Applications (IJCSA) Vol.3, No.5, October 2013
overcomes the limitation of HTML and protects the information distributed on web. XML has
multi-tire structure to work with J2ME. Lee etal. (2004) in their paper has given multi-tier
architecture of XML which described a standalone client which can communicate with the
applications on server in different ways. The client can use RMI to manipulate the remote object
and make HTTTP connection. The main advantage of using standalone client than browser is the
chance to provide a rich user interface whereas the main limitation is the difficulty of client
installation and maintenance. XML can be used on different platforms such as UNIX, Linux,
Solaris and Microsoft Windows. It can even work on mainframe systems.XML with J2ME plays
an important role in protecting the data not only stored within devices but also data that
transferred over the network. XML with J2ME provides security solution for confidentiality, nonrepudiation, authentication and integrity. It has features such as flexibility, extensibility and
compatibility which make its better use for secure transaction in mobile devices.
3. NEED OF PARSING XML FILE
The security of M-Commerce should be strong enough to protect different transaction from
abuses and to the user’s trust. XML based services have two challenges i.e. security and
performance. XML based security threats are emerging and consists of mainly data compromise,
XML based DoS (Denial of Service) and Content based attack. The computer hardware can
understand only one language. When the code is written in XML, hardware has no clue what it
means. Parsers as software convert the code into hardware recognizable form. It is the process of
analyzing XML document and generates the internal and structured data representation to be
accessed by application program. The main aim of parser is to transform XML into a readable
form. Maruyama etal. (2002) poised that parsing is the fundamental function of XML processor.
XML processing function includes XML parsing with schema validation. It parses the XML
message and checks for its validation. The result of XML parsing should provide enough support
for XML query, XML security. It transforms the text into a data structure such as semantic
checking, code generation.
As Before computation of digital signature, the canoicalization has to be performed to show the
presence of canonicalization element in signed info. An XML signature is verified by using URI
information of resources in reference element. These resources are transformed using transform
algorithm specified in transform method element. Digest value is accessed using digest algorithm
which is specified in digest method element. The computed digest values are compared with
Signature value for verification of references. The signature is verified using public key
information which is received from the KeyInfo element and this value is compared with value in
the signature value element. XML signature neither specifies how keys are associated with
persons nor the meaning of data being referenced and signed. The complete process flow is in the
paper by Wang Wei (2007).
XML Encryption (2002, 2003) described XML signature and encryption as widely used and
building block technologies. It is easy and a natural way to handle security in data interchange
application. XML security system consists of XML parsing with schema validation, XML
signature and XML encryption. If XML is used at server side then it is consider as a data
exchange format. Sending the data from client to server has many advantages such as selfdescribing data and loosely coupling between the client and server.
4. PARSING TECHNIQUES
Parsers can be in different format and style such as free standing software, libraries, modules and
classes. Parsers can be divided into two independent dimensions 1.Validate, 2. Non validate
10
3. International Journal on Computational Sciences & Applications (IJCSA) Vol.3, No.5, October 2013
parser. A validating parser compares a set of specific rules for specific XML file and gives
decision about default values and validates data types. It uses document type definition or XML
schema definition. A non-validating parser provides the code for quick check for all basics. It is
simpler as compared to validating parser. During development cycle, validating XML parser
ensures the documents generated by server are clean. Apart from above parsers computer
hardware uses standalone parser which requires separate package to parse XML. These parsers
are handy, so that user can parse the code locally or without editor. These parsers serve little
purpose as most of the editing software has inbuilt parsers.
XML parser is software or Java class which reads XML file and checks for its conformance to
standard and validates it. XML parser generates a structured tree to return the results to browser.
It is similar to processor that determines the structure and properties of data. XML parser
deciphers the XML code and provides the information to the program for reading the files. XML
is not very efficient way to express data, as latency is major issue of data transfer rate and latency
rate is very high during transfer of message. Wei Wang (2007) in his paper has defined two key
challenges i.e. Security and Performance for deployment of XML based services. The security
issues lead to development of XML security processing functions, XML encryption and XML
signature to provide element level protection. Increase in XML traffic and increase in
consumption of system resources by XML processing overloads the system and decrease the
performance of XML based services. The XML devices require advance XML processing
algorithm to support high performance services.
Parsing can be done either through algorithm or by programming interface. Researchers have
given different algorithm for parsing. Papakonstantinou (2003) has defined Tree parsing
algorithm which parsers the XML message into a tree name where element name and attribute
values are represented as nodes. Hanslo (2003) in his paper said that XML is widely adopted and
preferred mark-up language because of its easy integration with other system. He also stated that
most of the processing time at the client and server will be spent in parsing XML document and
extract the required data. Nag (2004) in his paper defined the tokenized XML format as memory
efficient parsing algorithm. This algorithm is optimized by using a code table for memory usage
and XML query. The XML message is cut into several pieces and stored in memory.
Zang (2006) in his paper defined non extractive parsing algorithm which is having a two-tuple
integer array for each character string in XML message. The first tuple is used for offset of the
string and other is used for the length of string. This is very useful in memory usage and XML
query, but does not support XML security processing. These three algorithms are well designed
but do not aim at specific XML security processing such as XML encryption and XML signature.
The strict syntax and parsing requirements make necessary parsing algorithm extremely simple
efficient and consistent. The further research detail is on the XML paring with secure feature.
XML parsing can also be done through following two Programming interface i.e. 1. DOM
(Document Object Model) 2. SAX (Simple API for XML). The new and other developed model
use the aforesaid programming interfaces as their base. These models are actually API used by
user for processing XML document with Java. XML uses Document Type Definition (DTD) with
extension .dtd to provide the specification to text element in a model document. It specifies the
attribute and the valid value of element. XML processor includes two basic types of APIs to read
XML document a. Tree based APIs b. Event based APIs. DOM model (2004) in their paper
described DOM as a tree based API for accessing XML document. The XML document is
represented as tree structure where XML tag is a node. Data is stored as a tree in memory which
allows navigating the tree and serializes it back. This is also a drawback as it requires more
memory to store the entire document even when only a portion of document is to be processed.
11
4. International Journal on Computational Sciences & Applications (IJCSA) Vol.3, No.5, October 2013
XML tutorial (2005) described SAX as primary event based processing. This reports the parsing
event directly to application through call back method. JDOM (Java based Document Object
Model), JAXP (Java API for XML processing), Xerces are few types of API supporting both
DOM and SAX. These parsers require more memory and are resource intensive.
Soma Gosh (2003) in her paper showed that due to demand of more processing power by XML
parser, J2ME applications are moving out of this trend. MIDP programmers take the advantage of
small foot print XML parser to develop program for J2ME application. Collado etal. (2008) has
described another problem of dynamic allocation of memory during XML parsing operation. As
the process is not time deterministic, so leads to memory fragmentation and failure to allocate
sufficient memory for the operation. They have defined a processor named EXDOM (Embedded
XML DOM Parser) using J2ME platform for data analysis on Network Embedded System (NES)
and optimal use of memory. It works with environment that has limited memory and
computational power and also overcome the problem of predictable real time response. It deals
with pooling and reuse of objects, node value retrieval with single tree navigation operation and
programming optimization with Inlining method. They have used the basis of Cheng (2006) who
said that the set of optimization practices like class merging, elimination of variables or method
Inlining reduce the size of codes or heap usage; where reduction in code size decreases the total
number of bytes used by program in memory and reduction of heap usage indicates the
availability of dynamic memory for other application. EXDOM has shown a better performance
on execution time for small XML document. It also avoids the garbage collection and maintains a
constant amount usage of memory. It lacks in method in order to improve the performance and
predictability of XML document serialization. It does not define the method achieve full XML
compliance whilst maintaining the performance characteristics.
Wenjun Liu (2010) in his paper defined the web service’s architecture and constructional method
as a solution to data transmission between mobile clients and WEB server and XML data parsing
by taking care of few issues like mobile devices, small memory capacity and high cost of wireless
network. He has described a model based on M-Commerce and Web services and use three
primary steps i.e. Service Identification, Service Appointment and Service Realization. He has
described a model which explains the M-Commerce architecture which is based on web service
using J2EE_J2ME technology and SOA method. He has used simple parsing of XML. The only
difference is that the client uses a specific method of web service which according to client makes
no difference with any other method, but actually clients are communicating with deputy classes.
He has used HTTP protocol as request/response protocol as all the realization of MIDP support
HTTP, so it becomes suitable for all kind of mobiles.
Rami Alnaqeib etal. (2010) in their paper has shown that the different way to reduce XML
parsing is to change XML, which is an idea behind less than 19 proposals for binary
representation of XML document, as the binary representation is faster than textual data. In their
paper they have given the conformance test on a number of parsers like Elliotte conducted test
and concluded that Xerces is most conformant parser to SAX standard. Mohseni in his
performance test showed that Microsoft XML (MSXML) had shortest load time. Among the
DOM parser no one is proven as best option. Ajeet Singh etal. (2012) in their paper described
two important security technologies – XML signature and XML Encryption with review of
XML key management of public keys to protect the payment information distributed over
internet. They have provided a security mechanism that is not covered by SSL/TLS. In their
mechanism they have also assumed that the data is parsed in XML.
In summary, we can say that Xerces is the best option as it provides support to XML and API
standard. It has also won the award of best XML parser in year 2002 by XML journal/web
services journal reader’s choice award. From the above discussion it has been shown that poor
12
5. International Journal on Computational Sciences & Applications (IJCSA) Vol.3, No.5, October 2013
performance in parsing XML file causes the serious obstacle to adopt XML based solution in ECommerce and M-Commerce. Therefore, many researchers are working also till date to improve
the parsing phase even by binary representation of XML document. Researchers are also working
on schema specific parsing, where parser is generated to only recognize XML document
compliant with the source XML schema specification.
5. EFFECT OF OPERATING SYSTEM ON XML PARSING
The mobile operating systems are pre-installed on smart phones and have different criteria in
security and functionality than desktop systems. There are different operating systems used in
mobile devices. Each operating system is used in specific mobile device and support XML
Processing. The parsing of XML file in different operating system takes different time. A few of
operating system can parse XML file by the use of third party software. The mobile operating
system restricts administrative control through users. The detail of common operating system
used in mobile devices is:
1. Apple iphone operating system: Apple is major market player and given an edge to his
competitors. Dotcom infoway (2009) in his paper poised that apple has given a PC-grade
operating system for smart phones. Microsoft Windows for mobile edition has given
apple iphone operating system a big competition. Palm operating system works as
comprehensive OS for smart phones. Apple iphone has no background thread and has
ambiguous approval process whereas android has limitation of limited documents.
2. Google Android : It is similar to Apple iphone operating system. The main advantage of
this operating system is that it is tied with web based search and other services. Google
has opted for Java as programming language and help the programmer to program the
application with eclipse and stimulate the application in another Java process. The Java
based application tools are of low cost and takes less time to develop. The SAX and
DOM XML parser are available for android. Both parsers API is on android are as same
as Java. These parsers have their limitations so these are not recommended to use.
3. Symbian Operating system: This operating system works with lower end phones with
less memory and not having a pure web browsing and GPS utilities but having J2ME
application. It has captured the market because of easily affordable cost.
4. RIM Black Berry: This uses a unique push technology. It runs dynamic widgets in
background and at the same time give active alert to user. It provides emulator but it has
limitation that it can only use J2ME and few RIM libraries.
J2ME has different standard libraries to process XML Files different parsers are available for
different operating system. The Java standard also has STAX parser which is also not a part of
android platform. Android provide XML parsing which is not available in standard Java but has
similarity with STAX parser. The pull parser is the best option to use on android platform because
it is fast and require less memory as compared to DOMAPI.
6. XML PARSING
The mobile devices use internet connection to make transaction. The most efficient way to
transfer data between different platform and technologies is to use XML file. XML parser is
required to process and extract XML file. A node is required to process XMLK file. It can be
done through following coding:
13
6. International Journal on Computational Sciences & Applications (IJCSA) Vol.3, No.5, October 2013
public XMLNode(int nodetype)
{
this.nodetype=nodetype;
this.children=new.vector();
this.attribute=new Hashtable();
}
This node is parent text node which is used to get data by using getAttributeNames() function.
The data received is put into file by using attribute.put(). The child node can be generated using
aforesaid coding which is required to enter the data. The string data type is used to get the data.
Once the data is entered, the next step is to parse the XML file. A generic parser class is defined
using Kxml parser.
Public class GenericXMLParser
{
public XMLNode parseXML(KXmlParser parser, Boolean ignore whitespaces) throws Exception
{
Parse.next();
return_parse(parser,ignoreWhitespaces);
}
This code help to parse any XML file. The code is tested successfully in lab of
Telecommunication Company to see the result which shows that code can parse the file. This
code uses kXML parser which is a pull parser to avoid fragility caused by SAX parser. The code
takes very less time to execute and allow the safe transmission. The hacker has very less to make
any changes in transaction. Parsing makes the small packets of file to fasten the processing of the
file. This code of parsing has different effect on different operating system. As explained earlier
operating systems effect the transmission of data through mobile devices. This code is very
helpful in working with android operating system as DOM and SAX parsers both can work easily
on android operating system.
7. CONCLUSION
XML file is use to transfer the data through mobile device because of features. The parsing of
XML file reduces the size of file. The parsing can be done through algorithm and programming
interface. The proposed coding of parsing reduces the size of XML file to transact the data fast
and increase the security of transaction. The different operating systems used in mobile phones
have different impact on parsing the files. They affect the performance of parser. The further
research can be made on parsing techniques with respect to operating systems of mobile device.
14
7. International Journal on Computational Sciences & Applications (IJCSA) Vol.3, No.5, October 2013
As the new technology is developing the devices are coming with new and advance operating
systems, so this study is not limited.
REFERENCES:
1.
2.
3.
4
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
http://www.micsymposium.org/mics_2006/papers/HuKaoYangYeh.pdf.
H. Maruyama, K. Tamura, and N. Uramoto (2002), “XML and Java: Developing Web Applications”,
Addison Wesley, Upper Saddle River, NJ, USA.
Lee Young Joo, Moon Young KI and Sohn Won Sung (2004), ”Secure Mobile Commerce based on
XML Security”.
.Wang Wei (2007),”Security Based Heuristic SAX for XML Parsing”, Department of Automation,
Tsinghua University, China.
XML Encryption Syntax and Processing, W3C-Recommendation-(2002). Online available:
http://www.w3.org/TR/xmlenc-core/.
Y. Papakonstantinou and V. Vianu(2003), “Incremental Validation of XML Documents,” In Proc. of
9th International Conference on Database Theory (ICDT).
Hanslo S Wayne, MacGregor Ken J (2003),”Using XML messaging for wireless Middleware
Communication,” University of Capetown.
B. Nag (2004), “Acceleration Techniques for XML Processors,” In Proc. of XML 2004.
J. Zhang, “Non-Extractive Parsing for XML,” http://www.xml.com.
“Document Object model Core 2004,”,(2004), Online available: http://www.w3.org/TR/DOM-Level3Core/core.html.
XML tutorial (2005), “Introduction to XML and XML with Java,” Online available:
http://totheriver.com/learn/xml/xmltutorial.html.
Soma Ghosh (2003),”Add XML parsing to your J2ME application”,-combine mobile data and mobile
code on your mobile device, IBM developer works.
Zhou1 Yamming, Qu Mingbin (2006), “ A Run-time Adaptive and Code-size Efficient XML Parser”,
in Proceedings of the 30th Annual International Computer Software and Applications Conference
(COMPSAC'06), IEEE.
Jon Bosak S. et al, “Extensible Markup Language“,http://www.w3.org/TR/REC‐xml
Wei Zhang, Robert A. van Engelem (2006), “TDX: a High-PerformanceTable Driven XML Parser”,
in Proceedings of the 44th ACM Southeast Conference (ACM SE’06), pages 726-731.
Collado Esther Minguez, Soto M.Angeles Cavia, Garcia Jose A.Perrez, Delamer IvanM, Lastra Jose
L.Martinez,”Embedded XML DOM Parser:An approach for XML Data Processing on Networked
Embedded systems with Real-time Requirements”,EURASIP Journal on Embedded systems, Vol
2008,article id 163864.
S Cheng (2006), “Squeezing the last byte and Last Ounce of
PerformanceOnyourMIDLETS,”OnlineAvailable:
http://developers.sun.com/learning/javaoneonline/2006/mobility/TS-3418.pdf.
Ajeet Singh, Karan Singh, Azath Shahazad, Azath M, Kinga Satish Kumar (2012), ”Secure payment
information using XML technology”, International Journal of Advanced Research in computer
Science and Software Engineering, Vol 2 issue 5 May 2012.
Alnaqeib Rami,Alshammari H Fahad,Zaidan AA,Zaidan BB, Hazza M Zubaida (2010),”An
Overview:Extensible MArkup Language Tchnology,Journal of Computing ,Vol 2, Issue 6,June 2010.
R H Elliotte(2004), R. H., “SAX Conformance Testing”, in Proceedings of the XML Conference.
Mohseni P., “Choose Your Java XML Parser”,http://www.devx.com/xml/Article/169XMLJ News
Desk, Journal Readers Choice Award, http://xml.syscon.com/read/440
Liu Wenjun (2010),”Design and Implement Large Mobile-Commerce system Based on WEB
Services”, College of Management, South-Central University for Nationalities, Wuhan, China.
Liu Wenjun (2010),”Design and Implement Large Mobile-Commerce system Based on WEB
Services”, College of Management, South-Central University for Nationalities, Wuhan, China.
Infoway Dotcom (2009),” Mobile OS and efforts towards open standards”, October 2009
15