In this chapter we present a novel approach for securing financial XML transactions using an effective and intelligent fuzzy classification technique. Our approach defines the process of classifying XML content using a set of fuzzy variables. Upon fuzzy classification phase, a unique value is assigned to a defined attribute named "ImportanceLevel". Assigned value indicates the data sensitivity for each XML tag. The model also defines the process of securing classified financial XML message content by performing element-wise XML encryption on selected parts defined in fuzzy classification phase. Element-wise encryption is performed using symmetric encryption using AES algorithm with different key sizes. Key size of 128-bit is being used on tags classified with "Medium" importance level; a key size of 256-bit is being used on tags classified with "High" importance level. An implementation has been performed on a real-life environment using online banking system to demonstrate system efficiency. Our experimental results verified tangible enhancements in encryption efficiency, processing-time reduction, and resulting XML message sizes.
|Title of host publication||Emerging Trends in ICT Security|
|Editors||Babak Akhgar, Hamid Arabnia|
|Publisher||Morgan Kaufmann Publishers, Inc.|
|Number of pages||28|
|Publication status||Published - 25 Nov 2013|
|Name||Emerging Trends in Computer Science and Applied Computing|