Proceedings Article10.1145/764792.764794
XML pool encryption
Christian Geuer-Pollmann
- 22 Nov 2002
- pp 1-9
42
TL;DR: An encryption system which allows to have these 'deep children' in plaintext while having the ancestors encrypted, i.e. bringing the property from XML Access Control to XML Encryption is described.
read more
Abstract: This paper describes an alternative encryption method for XML [1] which is capable to encrypt single XML Information Set [2] items. It is able to hide the size and the existence of encrypted contents. As a result, it prevents a 'traffic analysis', i.e. it's analogous counterpart for documents. In 2001, the W3C launched the XML Encryption working group which, among other things, defined how to encrypt portions of XML documents [3]. The portion must always be a subtree or a consecutive sequence of subtrees. On the other hand, XML Access Control allows more granular restrictions on what portions on an XML document a client is allowed to see: XML Access Control can remove an ancestor node from a document while leaving a descendant node in the document. This paper describes an encryption system which allows to have these 'deep children' in plaintext while having the ancestors encrypted, i.e. bringing the property from XML Access Control to XML Encryption.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Generalized XML security views
Gabriel M. Kuper,Fabio Massacci,Nataliya Rassadko +2 more
- 01 Jun 2005
TL;DR: This work provides the notion of security views for characterizing information accessible to authorized users, a transformed (sanitized) DTD schema that can be used by users for query formulation and optimization and proposes a number of generalizations for security policies.
XML security - A comparative literature review
TL;DR: By means of a review of the available literature the authors draw several conclusions about the status quo of XML security and the current state and focuses of research as well as the existing challenges are derived.
41
Web Services Security: Is the Problem Solved?
TL;DR: It is demonstrated that much work needs to be done in Web services security standardization as well as the main initiatives and their respective specifications that try to prevent the new Web service security threats.
24
A Survey of Web Services Security
Carlos Gutiérrez,Eduardo Fernández-Medina,Mario Piattini +2 more
- 14 May 2004
TL;DR: The new web services security threats are explained and the main initiatives and their respective specifications that try to solve them are mentioned and current general security concerns are detailed and future researches proposed.
24
Patent
Representing extensible markup language (XML) as an executable having conditional authentication or policy logic
Cameron Craig Morris,Herrick Gordon Muhlestein,Lloyd Leon Burch +2 more
- 16 Nov 2006
TL;DR: In this paper, a technique for representing extensible markup language (XML) in an executable format is presented. But it does not specify how the executable is distributed to recipient machines.
20
References
Design and implementation of an access control processor for XML documents
Ernesto Damiani,Sabrina De Capitani di Vimercati,Stefano Paraboschi,Pierangela Samarati +3 more
- 01 Jun 2000
TL;DR: An Access Control System for XML is described allowing for definition and enforcement of access restrictions directly on the structure and content of XML documents, thus providing a simple and effective way for users to protect information at the same granularity level provided by the language itself.
203
Related Papers (5)
Mark Bartel
- 01 Nov 2000
D. Eastlake
- 01 Jan 2003
Wenfei Fan,Chee-Yong Chan,Minos Garofalakis +2 more
- 13 Jun 2004