- JP>
A System for Securing Push-based Distribution of XML Documents (2007)
-
Elisa Bertino, Elena Ferrari, Federica Paci, Loredana Parasiliti Provenza
International Journal of Information Security 6(4):255–284, 2007.
Push-based systems for distributing information through Internet are today becoming more and more popular and widely used. The widespread use of such systems raises non trivial security concerns. In particular, confidentiality, integrity and authenticity of the distributed data must be ensured. To cope with such issues, we describe here a system for securing push distribution of XML documents, which adopts digital signature and encryption techniques to ensure the above mentioned properties and allows the specification of both signature and access control policies. We also describe the implementation of the proposed system and present an extensive performance evaluation of its main components.
Categories: Digital Signatures, Authenticity, Access Control, XML
- CP>
Signature and Access Control Policies for XML Documents (2003)
-
Elisa Bertino, Elena Ferrari, Loredana Parasiliti Provenza
Proceedings: European Symposium on Research in Computer Security (ESORICS 2003), pp. 1–22, 2003
Information push is today an approach widely used for information dissemination in distributed systems. Under information push, a Web data source periodically (or whenever some relevant event arises) broadcasts data to clients, without the need of an explicit request. In order to make information push usable in a large variety of application domains, it is however important that the authenticity and privacy requirements of both the receiver subjects and information owners be satisfied. Although the problem of confidentiality has been widely investigated, no comparable amount of work has been done for authenticity. In this paper, we propose a model to specify signature policies, specifically conceived for XML data. The model allows the specification of credential-based signature policies, supporting both single and joint signatures. Additionally, we provide an architecture for supporting the generation of selectively encrypted and authenticated XML document, ensuring at the same time the satisfaction of both access control and signature policies. The work reported in this paper has been partially supported by the EU under the PANDA IST Thematic Network.
Categories: Digital Signatures, Authenticity, Access Control, XML