XML Signature Wrapping Still Considered Harmful: A Case Study on the Personal Health Record in Germany

06/19/2021
by   Paul Höller, et al.
0

XML Signature Wrapping (XSW) has been a relevant threat to web services for 15 years until today. Using the Personal Health Record (PHR), which is currently under development in Germany, we investigate a current SOAP-based web services system as a case study. In doing so, we highlight several deficiencies in defending against XSW. Using this real-world contemporary example as motivation, we introduce a guideline for more secure XML signature processing that provides practitioners with easier access to the effective countermeasures identified in the current state of research.

READ FULL TEXT
research
04/30/2020

Extracting Layered Privacy Language Purposes from Web Services

Web services are important in the processing of personal data in the Wor...
research
01/11/2023

Secure access system using signature verification over tablet PC

Low-cost portable devices capable of capturing signature signals are bei...
research
08/30/2017

Learning from development of a third-party patient-oriented application using Australian national personal health records system

Large-scale national level Personal Health Record (PHR) has been impleme...
research
11/23/2012

NanoInfoBio: A case-study in interdisciplinary research

A significant amount of high-impact contemporary scientific research occ...
research
09/18/2021

Anti-Neuron Watermarking: Protecting Personal Data Against Unauthorized Neural Model Training

In this paper, we raise up an emerging personal data protection problem ...
research
02/08/2021

E-Health Management Services in Supporting Empowerment

The Web technology provides healthcare providers the ability to broaden ...
research
07/24/2019

Electronic health record in the era of industry 4.0: the French example

The recent implementation of the Electronic Health Record (EHR) in Franc...

Please sign up or login with your details

Forgot password? Click here to reset