method and system for protecting a message in an xml attack the exchange in a distributed and decentralized networking system

摘要

A method for protecting a message from an XML rewriting attack when being exchanged in a distributed and decentralized network system between an initial sender and an ultimate receiver is provided, wherein the message comprises message elements including a number of signed message elements and is represented in a tree structure formed by the message elements with an envelope as its root with at least two children, a body and a header, the header having at least a first attack preventing header block, wherein all message elements are represented by a unique ID attribute, respectively, and the initial sender sends the message together with structure specific information of the message to the ultimate receiver, wherein the information is carried by the first attack preventing header block and comprises at least a digest value of a pre-order traversal list of the message tree and for each signed message element targeted to the ultimate receiver the ID attribute, a depth, a parent's name and the parent's ID attribute, so that the ultimate receiver when receiving the message can identify any XML rewriting attack against any one of the signed message elements by comparing the structure specific information which can be derived from the received message with the information carried by the attack preventing header block. Furthermore, an appropriate system is disclosed.