ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Securing XML data in third-party distribution systems
Full text PdfPdf (200 KB)
Source Conference on Information and Knowledge Management archive
Proceedings of the 14th ACM international conference on Information and knowledge management table of contents
Bremen, Germany
SESSION: Paper session DB-2 (databases): security and privacy table of contents
Pages: 99 - 106  
Year of Publication: 2005
ISBN:1-59593-140-6
Authors
Barbara Carminati  University of Insubria at Como, Como, Italy
Elena Ferrari  University of Insubria at Como, Como, Italy
Elisa Bertino  Purdue University, Lafayette
Sponsors
ACM: Association for Computing Machinery
SIGIR: ACM Special Interest Group on Information Retrieval
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 8,   Downloads (12 Months): 73,   Citation Count: 4
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1099554.1099575
What is a DOI?

ABSTRACT

Web-based third-party architectures for data publishing are today receiving growing attention, due to their scalability and the ability to efficiently manage large numbers of users and great amounts of data. A third-party architecture relies on a distinction between the Owner and the Publisher of information. The Owner is the producer of information, whereas Publisher provides data management services and query processing functions for (a portion of) the Owner's information. In such architecture, there are important security concerns especially if we do not want to make any assumption on the trustworthy of the Publishers. Although approaches have been proposed [4, 5] providing partial solutions to this problem, no comprehensive framework has been so far developed able to support all the most important security properties in the presence of an untrusted Publisher. In this paper, we develop an XML-based solution to such problem, which makes use of non-conventional digital signature techniques and queries over encrypted data.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Elisa Bertino , Barbara Carminati , Elena Ferrari , Bhavani Thuraisingham , Amar Gupta, Selective and Authentic Third-Party Distribution of XML Documents, IEEE Transactions on Knowledge and Data Engineering, v.16 n.10, p.1263-1278, October 2004  [doi>10.1109/TKDE.2004.63]
2
Elisa Bertino , Elena Ferrari, Secure and selective dissemination of XML documents, ACM Transactions on Information and System Security (TISSEC), v.5 n.3, p.290-331, August 2002  [doi>10.1145/545186.545190]
 
3
B. Carminati, E. Ferrari, E. Bertino. Securing XML Data in Third-Party Distribution Systems. Technical Report, University of Insubria at Como. Available at http://scienze-como.uninsubria.it/carminati/SE-ENC.pdf
4
P. Devanbu , M. Gertz , A. Kwong , C. Martel , G. Nuckolls , S. G. Stubblebine, Flexible authentication of XML documents, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA  [doi>10.1145/501983.502003]
5
Hakan Hacigümüş , Bala Iyer , Chen Li , Sharad Mehrotra, Executing SQL over encrypted data in the database-service-provider model, Proceedings of the 2002 ACM SIGMOD international conference on Management of data, June 03-06, 2002, Madison, Wisconsin  [doi>10.1145/564691.564717]
 
6
Providing Database as a Service, Proceedings of the 18th International Conference on Data Engineering, p.29, February 26-March 01, 2002
 
7
R. Jammalamadaka and S. Mehrotra. Querying Encrypted XML Documents . UCI Technical report TR-DB-04-03, 2003.
 
8
Ralph C. Merkle, A Certified Digital Signature, Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology, p.218-238, August 20-24, 1989
 
9
G. Miklau and D. Suciu. Controlling Access to Published Data Using Cryptography, In Proc. of the 29th VLDB Conference, Berlin, Germany, 2003.
 
10
World Wide Web Consortium. Available at http://www.w3.org

CITED BY  4
Sriram Mohan , Yuqing Wu, IPAC: an interactive approach to access control for semi-structured data, Proceedings of the 32nd international conference on Very large data bases, September 12-15, 2006, Seoul, Korea
Luc Bouganim , Francois Dang Ngoc , Philippe Pucheral, Dynamic access-control policies on XML encrypted data, ACM Transactions on Information and System Security (TISSEC), v.10 n.4, p.1-37, January 2008
Mikhail J. Atallah , Greg N. Frederickson , Ashish Kundu, A tree-covering problem arising in integrity of tree-structured data, Information Processing Letters, v.109 n.1, p.79-82, December, 2008
Kyriakos Mouratidis , Dimitris Sacharidis , Hweehwa Pang, Partially materialized digest scheme: an efficient verification method for outsourced databases, The VLDB Journal — The International Journal on Very Large Data Bases, v.18 n.1, p.363-381, January 2009

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls


General Terms:
Security


Keywords:
XML, data outsourcing, third-party architecture

Collaborative Colleagues:
Barbara Carminati: colleagues
Elena Ferrari: colleagues
Elisa Bertino: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player