ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Decentralized authorization and data security in web content delivery
Full text PdfPdf (205 KB)
Source Symposium on Applied Computing archive
Proceedings of the 2007 ACM symposium on Applied computing table of contents
Seoul, Korea
SESSION: Web technologies table of contents
Pages: 1654 - 1661  
Year of Publication: 2007
ISBN:1-59593-480-4
Authors
Danfeng Yao  Brown University, Providence, RI
Yunhua Koglin  Purdue University, West Lafayette, IN
Elisa Bertino  Purdue University, West Lafayette, IN
Roberto Tamassia  Brown University, Providence, RI
Sponsor
SIGAPP: ACM Special Interest Group on Applied Computing
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 18,   Downloads (12 Months): 127,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1244002.1244353
What is a DOI?

ABSTRACT

The fast development of web services, or more broadly, service-oriented architectures (SOAs), has prompted more organizations to move contents and applications out to the Web. Softwares on the web allow one to enjoy a variety of services, for example translating texts into other languages and converting a document from one format to another. In this paper, we address the problem of maintaining data integrity and confidentiality in web content delivery when dynamic content modifications are needed. We propose a flexible and scalable model for secure content delivery based on the use of roles and role certificates to manage web intermediaries. The proxies coordinate themselves in order to process and deliver contents, and the integrity of the delivered content is enforced using a decentralized strategy. To achieve this, we utilize a distributed role lookup table and a role-number based routing mechanism. We give an efficient secure protocol, iDeliver, for content processing and delivery, and also describe a method for securely updating role lookup tables. Our solution also applies to the security problem in web-based workflows, for example maintaining the data integrity in automated trading, contract authorization, and supply chain management in large organizations.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Charu Aggarwal , Joel L. Wolf , Philip S. Yu, Caching on the World Wide Web, IEEE Transactions on Knowledge and Data Engineering, v.11 n.1, p.94-107, January 1999  [doi>10.1109/69.755618]
 
2
Tuomas Aura, Distributed access-rights management with delegation certificates, Secure Internet programming: security issues for mobile and distributed objects, Springer-Verlag, London, 2001
 
3
J. Barkley, A. Cincotta, D. Ferraiolo, S. Gavrila, and D. Kuhn. Role based access control for the world wide web. In 20th National Computer Security Conference, 1997.
4
Girma Berhe , Lionel Brunie , Jean-Marc Pierson, Modeling service-based multimedia content adaptation in pervasive computing, Proceedings of the 1st conference on Computing frontiers, April 14-16, 2004, Ischia, Italy  [doi>10.1145/977091.977102]
 
5
E. Bertino , E. Ferrari , G. Mella, An approach to cooperative updates of XML documents in distributed systems, Journal of Computer Security, v.13 n.2, p.191-242, March 2005
 
6
Piero A. Bonatti , Pierangela Samarati, A uniform framework for regulating service access and information release on the web, Journal of Computer Security, v.10 n.3, p.241-271, 2002
 
7
L. Breslau, P. Cao, L. Fan, G. Phillips, and S. Shenker. Web caching and Zipf-like distributions: evidence and implications. In INFOCOM '99, March.
8
Valeria Cardellini , Philip S. Yu , Yun-Wu Huang, Collaborative proxy system for distributed Web content transcoding, Proceedings of the ninth international conference on Information and knowledge management, p.520-527, November 06-11, 2000, McLean, Virginia, United States  [doi>10.1145/354756.354861]
 
9
C. H. Chi, Y. Lin, J. Deng, X. Li, and T. Chua. Automatic proxy-based watermarking for WWW. Computer communication, 24(2):144--154, February 2001.
 
10
C. H. Chi and Y. Wu. An XML-based data integrity service model for web intermediaries. In Proceedings of the 7th International Workshop on Web Content Caching and Distribution, August 2003.
 
11
P.-A. Chirita, W. Nejdl, M. T. Schlosser, and O. Scurtu. Personalized reputation management in P2P networks. In ISWC Workshop on Trust, Security, and Reputation on the Semantic Web, 2004.
 
12
Premkumar T. Devanbu , Michael Gertz , Charles U. Martel , Stuart G. Stubblebine, Authentic Third-party Data Publication, Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions, p.101-112, August 21-23, 2000
 
13
Premkumar Devanbu , Michael Gertz , April Kwong , Charles Martel , Glen Nuckolls , Stuart G. Stubblebine, Flexible authentication of XML documents, Journal of Computer Security, v.12 n.6, p.841-864, December 2004
 
14
Amos Fiat , Adi Shamir, How to prove yourself: practical solutions to identification and signature problems, Proceedings on Advances in cryptology---CRYPTO '86, p.186-194, January 1987, Santa Barbara, California, United States
 
15
Ahsan Habib , Dongyan Xu , Mikhail Atallah , Bharat Bhargava , John Chuang, A Tree-Based Forward Digest Protocol to Verify Data Integrity in Distributed Media Streaming, IEEE Transactions on Knowledge and Data Engineering, v.17 n.7, p.1010-1014, July 2005  [doi>10.1109/TKDE.2005.102]
 
16
J.-L. Huang, M.-S. Chen, and H.-P. Hung. A QoS-aware transcoding proxy using on-demand data broadcasting. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM '04), March 2004.
 
17
B. Li, M. J. Golin, G. F. Italiano, X. Deng, and K. Sohraby. On the optimal placement of web proxies in the Internet. In Proceedings of IEEE International Conference on Computer Communications (INFOCOM '99), March 1999.
 
18
T. Li, Y. Wu, D. Ma, H. Zhu, and R. H. Deng. Flexible verification of MPEG-4 stream in peer-to-peer CDN. In Proceedings of the 6th International Conference on Information and Communications Security (ICICS), pages 79--91, 2004.
 
19
A. Lysyanskaya, R. Tamassia, and N. Triandopoulos. Multicast authentication in fully adversarial networks. In Proceedings of IEEE Symposium on Security and Privacy (SSP 2004), pages 241--255, 2004.
20
Joon S. Park , Ravi Sandhu , Gail-Joon Ahn, Role-based access control on the web, ACM Transactions on Information and System Security (TISSEC), v.4 n.1, p.37-71, Feb. 2001  [doi>10.1145/383775.383777]
21
Daniel J. Polivy , Roberto Tamassia, Authenticating distributed data using Web services and XML signatures, Proceedings of the 2002 ACM workshop on XML security, November 22-22, 2002, Fairfax, VA  [doi>10.1145/764792.764805]
22
Swaminathan Sivasubramanian , Michal Szymaniak , Guillaume Pierre , Maarten van Steen, Replication for web hosting systems, ACM Computing Surveys (CSUR), v.36 n.3, p.291-334, September 2004  [doi>10.1145/1035570.1035573]
 
23
SSL specification. Available at: http://wp.netscape.com/eng/security/SSL_2.html.
24
Ion Stoica , Robert Morris , David Karger , M. Frans Kaashoek , Hari Balakrishnan, Chord: A scalable peer-to-peer lookup service for internet applications, Proceedings of the 2001 conference on Applications, technologies, architectures, and protocols for computer communications, p.149-160, August 2001, San Diego, California, United States
 
25
D. Yao, K. B. Frikken, M. J. Atallah, and R. Tamassia. Point-based trust: Define how much privacy is worth. In Proceedings of the Eighth International Conference on Information and Communications Security (ICICS '06), December 2006.
 
26
B. Y. Zhao, L. Huang, J. Stribling, S. C. Rhea, A. D. Joseph, and J. Kubiatowicz. Tapestry: A resilient global-scale overlay for service deployment. IEEE Journal on Selected Areas in Communications, 22(1):41--53, January 2004.

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls

Additional Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)
          Subjects: Authentication


General Terms:
Security


Keywords:
authorization, content delivery networks, data integrity, web

Collaborative Colleagues:
Danfeng Yao: colleagues
Yunhua Koglin: colleagues
Elisa Bertino: colleagues
Roberto Tamassia: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player