Showing papers on "XML Encryption published in 2018"
TL;DR: A cloud-based EHR model that performs attribute-based access control using extensible access control markup language, focused on security, performs partial encryption and uses electronic signatures when a patient’s document is sent to a document requester.
Abstract: Cloud-based electronic health record (EHR) systems enable medical documents to be exchanged between medical institutions; this is expected to contribute to improvements in various medical services in the future. However, as the system architecture becomes more complicated, cloud-based EHR systems may introduce additional security threats when compared with the existing singular systems. Thus, patients may experience exposure of private data that they do not wish to disclose. In order to protect the privacy of patients, many approaches have been proposed to provide access control to patient documents when providing health services. However, most current systems do not support fine-grained access control or take into account additional security factors such as encryption and digital signatures. In this paper, we propose a cloud-based EHR model that performs attribute-based access control using extensible access control markup language. Our EHR model, focused on security, performs partial encryption and uses electronic signatures when a patient’s document is sent to a document requester. We use XML encryption and XML digital signature technology. Our proposed model works efficiently by sending only the necessary information to the requesters who are authorized to treat the patient in question.
109 citations
TL;DR: Two Zero-Watermark methods are designed and tested for XML documents and one is XSLT-related method which is designed with embedding extra codes in XSLt file to serve as sort of copyright function and another uses the functional dependency of XML file as feature for Zero- watermark.
Abstract: As XML files are less redundant and readily reorganized, it is really difficult to design a XML watermarking scheme which can get a trade-off between robust and invisible. However, this trade-off can be achieved by the Zero-Watermark method. In this paper, two Zero-Watermark methods are designed and tested for XML documents. One is XSLT-related method which is designed with embedding extra codes in XSLT file to serve as sort of copyright function. Another uses the functional dependency of XML file as feature for Zero-Watermark. Experiment results show that both methods have good real-time performances. Experiment results show that Zero-Watermark algorithm with functional dependency can resist selection attacks, alteration attacks, reorganization attacks and compression attacks.
12 citations
TL;DR: Andromeda, a system for processing queries and updates on large XML documents based on the idea of statically and dynamically partitioning the input document, so as to distribute the computing load among the machines of a MapReduce cluster.
Abstract: In this paper we present Andromeda, a system for processing queries and updates on large XML documents. The system is based on the idea of statically and dynamically partitioning the input document, so as to distribute the computing load among the machines of a MapReduce cluster.
7 citations
TL;DR: The results show that the proposed algorithm can effectively place XML data on air and significantly improve the overall access efficiency.
Abstract: Wireless data broadcast is an efficient way of delivering data of common interest to a large population of mobile devices within a proximate area, such as smart cities, battle fields, etc. In this work, we focus ourselves on studying the data placement problem of periodic XML data broadcast in mobile and wireless environments. This is an important issue, particularly when XML becomes prevalent in today’s ubiquitous and mobile computing devices and applications. Taking advantage of the structured characteristics of XML data, effective broadcast programs can be generated based on the XML data on the server only. An XML data broadcast system is developed and a theoretical analysis on the XML data placement on a wireless channel is also presented, which forms the basis of the novel data placement algorithm in this work. The proposed algorithm is validated through a set of experiments. The results show that the proposed algorithm can effectively place XML data on air and significantly improve the overall access efficiency.
5 citations
Proceedings Article•
16 Apr 2018TL;DR: This paper proposes a query-filtering technique that evaluates XML queries to detect disclosure of association-level security objects and uses tree automata to model-security objects.
Abstract: In this paper we present query-filtering techniques based on bottom-up tree automata for XML access control. In our authorization model (RXACL), RDF statements are used to represent security objects and to express the security policy. We present the concepts of a simple security object and an association security object. Our model allows us to express and enforce access control on XML trees and their associations. We propose a query-filtering technique that evaluates XML queries to detect disclosure of association-level security objects. We use tree automata to model-security objects. Intuitively a query Q discloses a security object o if and only if the (tree) automata corresponding to o accepts Q. We show that our schema-level method detects all possible disclosures, i.e., it is complete.
5 citations
1 Dec 2018
TL;DR: A comprehensive review of existing Web service security techniques along with parametric evolution of these schemes are discussed and improve the security of web service using XML Signature and XML Encryption.
Abstract: With the growing development of digital era, Web service is increasing used for decentralized computing, and it is an effective mechanism for the service integration and e-business on the web. The Extensible markup Language (XML), XMLpath (XPath) and Structure Query Language (SQL) Injection vulnerabilities are common security threats and issues for web services and web applications. Vulnerabilities crack the web service security and hack the data. The web service implementation of Service Orientation Architecture (SOA) becomes the current selective choice and most popular due to its simplicity that work on basic Internet Protocol. Nowadays, organization are investing a large amount of their resources in web services. Web service transaction are used to plain text XML format like Simple Object Access Protocol (SOAP) and Web Service Definition Language (WSDL). The hacker are easily hack the important content of web services. We improve the security of web service using XML Signature and XML Encryption. The high complexity of XML to alternative of XML is JavaScript Object Notation (JSON) is gain increasing popularity in web service security. In this paper, a comprehensive review of existing Web service security techniques along with parametric evolution of these schemes are discussed.
3 citations
Proceedings Article•
12 Mar 2018TL;DR: A more general formal model is proposed that considers structural, value-based and full-text conditions as desiderata rather than mandatory constraints and defines a set of relaxation operators that, given a path expression or a selection condition, return aSet of relaxed path expressions or selection conditions.
Abstract: XQuery Full-Text is the proposed standard language for querying XML documents using either standard or full-text conditions; while full-text conditions can have a boolean or a ranked semantics, standard conditions must be satisfied for an element to be returned. This paper proposes a more general formal model that considers structural, value-based and full-text conditions as desiderata rather than mandatory constraints. The goal is achieved defining a set of relaxation operators that, given a path expression or a selection condition, return a set of relaxed path expressions or selection conditions. Algebraic approximated operators are defined for representing typical queries and returns either elements that perfectly respect the conditions and elements that answer to a relaxed version of the original query. A score reflecting the level of satisfaction of the original query is assigned to each result of the relaxed query.
4 May 2018
TL;DR: This paper proposes a schema-based storage approach for XML documents in relational databases, utilizing a three-step mapping process to transform XML DTDs into relational schemas, including simplification, graph creation, and schema generation.
Abstract: XML (Extensible Mark up language) is emerging as a tool for representing and exchanging data over the internet. When we want to store and query XML data, we can use two approaches either by using native databases or XML enabled databases. In this paper we deal with XML enabled databases. We use relational databases to store XML documents. In this paper we focus on mapping of XML DTD into relations. Mapping needs three steps: 1) Simplify Complex DTD’s 2) Make DTD graph by using simplified DTD’s 3) Generate Relational schema. We present an inlining algorithm for generating relational schemas from available DTD’s. This algorithm also handles recursion in an XML document.
22 May 2018
Abstract: XML (Extensible Mark up language) is emerging as a tool for representing and exchanging data over the internet. When we want to store and query XML data, we can use two approaches either by using native databases or XML enabled databases. In this paper we deal with XML enabled databases. We use relational databases to store XML documents. In this paper we focus on mapping of XML DTD into relations. Mapping needs three steps: 1) Simplify Complex DTD’s 2) Make DTD graph by using simplified DTD’s 3) Generate Relational schema. We present an inlining algorithm for generating relational schemas from available DTD’s. This algorithm also handles recursion in an XML document.
16 Jan 2018
Abstract: The topic of enhancing security in XML databases is important as it includes protecting sensitive data and providing a secure environment to users. In order to improve security and provide dynamic access control for XML databases, we presented XLog file to calculate user trust values by recording users’ bad transaction, errors and query severities. Severity-aware trust-based access control for XML databases manages the access policy depending on users' trust values and prevents unauthorized processes, malicious transactions and insider threats. Privileges are automatically modified and adjusted over time depending on user behaviour and query severity. Logging in database is an important process and is used for recovery and security purposes. In this paper, the Xlog file is presented as a dynamic and temporary log file for XML databases to enhance the level of security.
TL;DR: The secure protocol is used to make connection using the private key, XML ecryption prevents the system from eavesdropping, and forging, and the data security and confidentiality is increased, for the better automation and crop growth.
Abstract: Summary
In the smart agricultural environment such as greenhouse or vertical farm, the automation process is performed using the environment sensors to maintain the growth of the crops. Currently, the system rely on the defined rule to perform automation, but the situation can turn catastrophic. With the interruption in the communication, data forging, or eavesdropping, the crops will be rotten and destroyed. Therefore, to maintain the automation without failure, the connection needs to be secure and tampering has to be avoided. In this paper, we discuss the security solution for the wireless sensor networks in the automated agricultural environment without any human intervention. The sink node that collects the sensor values organizes the data and transfer the data to the server, along with the XML encryption and private key mechanism for the communication. The secure protocol is used to make connection using the private key, XML ecryption prevents the system from eavesdropping, and forging. Some of the events discussed in the papers are EVNData, SENSORError, DDoSAttack, and ConnThreat. With the help of the event and the tag information, the data security and confidentiality is increased, for the better automation and crop growth.