Abstract

Providing access control for published XML documents on the Web is an important topic. It involves the use of cryptographic techniques, addresses different requirements and, as a result, faces several challenges. Existing solutions still have weaknesses such as system update cost, the number of required secret encryption/decryption keys, the size of the encrypted document, and support for temporal and delegable access. This study proposes a push-based access control policy enforcement mechanism that addresses these issues using a Dynamic Key Management Table (DKMT) and Identity Based Encryption (IBE). The proposed mechanism addresses the existing challenges and provides a more acceptable solution.

Highlights

  • The XML language has become a de facto standard for exchanging and transmitting data on the Web

  • Using Identity Based Encryption (IBE) provides several advantages: (i) supporting temporal access by generating temporal public/private keys for a user from his identity plus access period; (ii) supporting delegable access by generating delegated public/private keys from the delegated user identity plus access period plus delegation period (e.g., “Sam+2009+May”); and (iii) simplifying the key management task, because in IBE the public key of a user is his identity and there is no need to use a PKI to provide each user with a public key certificate

  • To the best of our knowledge, our solution is the first push-based XML access control policy enforcement that provides a user with delegable access and a reduced decrypted document size

Summary

Introduction

XML documents may contain secret data that must be protected from unauthorized use, so XML access control is an important topic in Web information security (Bertino et al., 2001). A comprehensive XML access control system includes two parts: policy specification and policy enforcement (Bertino et al., 1999). Based on how the policy is enforced, existing XML access control systems are classified into two categories: pull-based and push-based systems (Bertino et al., 1999; Miklau and Suciu, 2003). In pull-based systems, a server receives a request from a user and responds with the proper result (a document or a document portion). The document cannot be completely protected using the IPSec or SSL protocols, since the document’s nodes are accessible to different users. The nodes are encrypted with different secret keys, which are distributed so that each user receives only the secret keys of the nodes that they are authorized to access.
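
The per-node encryption and key distribution described above can be sketched as follows; this is an added example, not code from the paper, and it does not implement the paper's DKMT or IBE key delivery. The sample document, the role names, the policy, and the HMAC-based stand-in cipher (used so the sketch runs with the standard library only) are all assumptions, and node keys are indexed by element tag for brevity.

```python
import hashlib, hmac, os
import xml.etree.ElementTree as ET

# Constructed sample document and policy (illustrative, not from the paper).
DOC = "<record><name>Ann</name><diagnosis>flu</diagnosis><billing>120</billing></record>"
POLICY = {"doctor": {"name", "diagnosis"}, "clerk": {"name", "billing"}}

def _subkey(key, label):
    # Separate encryption and MAC keys derived from one node key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher: XOR with an HMAC-SHA256 counter-mode keystream.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def publish(doc_xml):
    """Encrypt every child node under its own fresh key; return (XML, node keys)."""
    root, keys = ET.fromstring(doc_xml), {}
    for node in root:
        key, nonce = os.urandom(32), os.urandom(12)
        ct = _xor_stream(_subkey(key, b"enc"), nonce, (node.text or "").encode())
        mac = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).hexdigest()
        keys[node.tag], node.text = key, None
        node.attrib.update(nonce=nonce.hex(), ct=ct.hex(), mac=mac)
    return ET.tostring(root, encoding="unicode"), keys

def keys_for(role, keys, policy):
    """Key distribution: a role gets only the keys of nodes the policy allows."""
    return {tag: k for tag, k in keys.items() if tag in policy.get(role, set())}

def read(published_xml, user_keys):
    """Decrypt the nodes the holder has keys for; all others stay opaque."""
    view = {}
    for node in ET.fromstring(published_xml):
        key = user_keys.get(node.tag)
        if key is None:
            continue
        nonce, ct = bytes.fromhex(node.get("nonce")), bytes.fromhex(node.get("ct"))
        want = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(want, node.get("mac")):
            raise ValueError(f"node {node.tag!r} failed its integrity check")
        view[node.tag] = _xor_stream(_subkey(key, b"enc"), nonce, ct).decode()
    return view
```

The same published document goes to every user; what differs per user is only the key set returned by `keys_for`, which is why the number of keys and the cost of redistributing them on a policy change are the weaknesses the abstract lists.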
