1. Field of the Invention
The present invention relates to peripheral devices that support networking, information processing apparatuses that control the peripheral devices, information processing methods, and programs therefor.
2. Description of the Related Art
With the recent development of Web services, Extensible Markup Language (XML) is used in an increasing variety of applications such as business document management, messaging, and database. In accordance with the trend, XML-based security standards for Web services are being developed. For example, specifications relating to XML security, such as XML Digital Signature, XML Encryption, and WS-Security are being developed by standardization organizations such as the World Wide Web Consortium (W3C) and Organization for the Advancement of Structured Information Standards (OASIS).
As an example of XML-based Web services, in the case of UPnP®, which is being developed under the auspices of Microsoft® Corporation, a device description document in which information of a device that provides a service is written in XML is sent to a client that requests the service. The document includes information of a destination of a job request for controlling the service, written in the form of a uniform resource locator (URL).
When the service is used in an environment where a malicious third party is unlikely to get in, such as a home local area network (LAN) or a small office LAN, the need for hiding the destination of the job request is low. However, when a large number of general users can use the service via the Internet, if the destination of the job request is written in XML in a readable form, an unauthorized job could be placed by a malicious third party, possibly causing damage to the system that provides the service. Thus, in such an environment, security measure is to be taken on information written in the device description document.
For example, in a system for distributing moving-picture data over the Internet, techniques for a data encryption device that allows encrypting only a part of moving-picture data distributed so that only the part of data has to be decrypted, thus reducing cost of security processing, have been disclosed (refer to Japanese Patent Laid-Open No. 07-87077). The present invention has been made in view of the problems described below, not just simply for encrypting a part of a data stream.
When taking security measure for a service such as distribution of moving-picture data, common encryption algorithms, protocols, and the like must be used by a provider and a user of the service. Furthermore, a security system in accordance with a system configuration for using the service must be implemented.
That is, when XML-based Web services are provided, even if the services use the same functions, different methods of XML digital signature and XML encryption are needed in accordance with environments, security levels, and system configurations for using the services. That is, a security processing program must be developed for each software application that provides a service. This increases development cost, inhibits introduction of an optimal security system at an optimal timing, and causes damage through unauthorized access.