skip to main content
10.1145/1065167.1065182acmconferencesArticle/Chapter ViewAbstractPublication PagespodsConference Proceedingsconference-collections
Article

Security analysis of cryptographically controlled access to XML documents

Published: 13 June 2005 Publication History

Abstract

Some promising recent schemes for XML access control employ encryption for implementing security policies on published data, avoiding data duplication. In this paper we study one such scheme, due to Miklau and Suciu. That scheme was introduced with some intuitive explanations and goals, but without precise definitions and guarantees for the use of cryptography (specifically, symmetric encryption and secret sharing). We bridge this gap in the present work. We analyze the scheme in the context of the rigorous models of modern cryptography. We obtain formal results in simple, symbolic terms close to the vocabulary of Miklau and Suciu. We also obtain more detailed computational results that establish security against probabilistic polynomial-time adversaries. Our approach, which relates these two layers of the analysis, continues a recent thrust in security research and may be applicable to a broad class of systems that rely on cryptographic data protection.

References

[1]
Martín Abadi and Phillip Rogaway. Reconciling two views of cryptography (The computational soundness of formal encryption). Journal of Cryptology, 15(2):103--127, 2002.
[2]
Michael Backes, Birgit Pfitzmann, and Michael Waidner. A composable cryptographic library with nested operations. In Proc. of the 10th ACM Conference on Computer and Communications Security, pages 220--330. ACM Press, 2003. Long version: IACR ePrint Archive, Report 2003/015.
[3]
Mihir Bellare and Phil Rogaway. Introduction to modern cryptography. Available at: http://www.cs.ucsd.edu/~mihir/cse207/classnotes.html.
[4]
Elisa Bertino, B. Carminati, and E. Ferrari. A temporal key management scheme for secure broadcasting of XML documents. In Proc. of the 8th ACM Conference on Computer and Communication Security, pages 31--40, 2002.
[5]
Elisa Bertino, Silvana Castano, and Elena Ferrari. Author-X: A comprehensive system for securing XML documents. IEEE Internet Computing, 5(3):21--31, 2001.
[6]
Silvana Castano, Mariagrazia G. Fugini, Giancarlo Martella, and Pierangela Samarati. Database Security. Addison-Wesley - ACM Press, 1995.
[7]
Jason Crampton. Applying hierarchical and role-based access control to XML documents. In Proc. of ACM Workshop on Secure Web Services, pages 41--50, 2004.
[8]
Ernesto Damiani, Sabrina de Capitani di Vimercati, Stefano Paraboschi, and Pierangela Samarati. A fine-grained access control system for XML documents. ACM Transactions on Information and System Security, 5(2):169--202, 2002.
[9]
Danny Dolev, Cynthia Dwork, and Moni Naor. Non-malleable cryptography. SIAM Journal of Computing, 30(2):391--437, 2000.
[10]
Donald Eastlake and Joseph Reagle. XML encryption syntax and processing. http://www.w3.org/TR/xmlenc-core, October 2002.
[11]
David K. Gifford. Cryptographic sealing for information secrecy and authentication. Commun. ACM, 25(4):274--286, 1982.
[12]
Shafi Goldwasser and Silvio Micali. Probabilistic encryption. Journal of Computer and System Sciences, 28:270--299, April 1984.
[13]
Jonathan Herzog. Computational Soundness for Standard Assumptions of Formal Cryptography. PhD thesis, Massachusetts Institute of Technology, 2004.
[14]
Michiharu Kudo and Satoshi Hada. XML document security based on provisional authorization. In Proc. the 7th ACM Conference on Computer and Communication Security, pages 87--96, 2000.
[15]
Peeter Laud. Symmetric encryption in automatic analyses for confidentiality against active adversaries. In Proc. of 2004 IEEE Symposium on Security and Privacy, pages 71--85, 2004.
[16]
Daniele Micciancio. Towards computationally sound symbolic security analysis. Talk at DIMACS; slides available at: http://dimacs.rutgers.edu/Workshops/Protocols/slides/micciancio.pdf, 2004.
[17]
Daniele Micciancio and Saurabh Panjwani. Adaptive security of symbolic encryption. In Joe Kilian, editor, Theory of cryptography conference - Proceedings of TCC 2005, volume 3378 of Lecture Notes in Computer Science, pages 169--187. Springer-Verlag, February 2005.
[18]
Daniele Micciancio and Bogdan Warinschi. Soundness of formal encryption in the presence of active adversaries. In Moni Naor, editor, Theory of cryptography conference - Proceedings of TCC 2004, volume 2951 of Lecture Notes in Computer Science, pages 133--151. Springer, February 2004.
[19]
Gerome Miklau and Dan Suciu. Controlling access to published data using cryptography. In VLDB 2003: Proc. of 29th International Conference on Very Large Data Bases, pages 898--909, 2003.
[20]
John Mitchell, Ajith Ramanathan, Andre Scedrov, and Vanessa Teague. A probabilistic polynomial-time calculus for analysis of cryptographic protocols. Electronic Notes in Theoretical Computer Science, 45, 2001.
[21]
Adi Shamir. How to share a secret. CACM, 22(11):612--613, 1979.
[22]
Jeffrey Ullman. Principles of Database Systems. Computer Science Press, Potomac, MD, 1983.
[23]
Xiaochung Yang and Chen Li. Secure XML publishing without information leakage in the presence of data inference. In VLDB 2004: Proc. of 30th International Conference on Very Large Data Bases, pages 96--107, 2004.

Cited By

View all
  • (2011)A Survey of Symbolic Methods in Computational Analysis of Cryptographic SystemsJournal of Automated Reasoning10.1007/s10817-010-9187-946:3-4(225-259)Online publication date: 1-Apr-2011
  • (2008)Computational soundness of non-malleable commitmentsProceedings of the 4th international conference on Information security practice and experience10.5555/1788494.1788520(361-376)Online publication date: 21-Apr-2008
  • (2008)Dynamic access-control policies on XML encrypted dataACM Transactions on Information and System Security10.1145/1284680.128468410:4(1-37)Online publication date: 22-Jan-2008
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
PODS '05: Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
June 2005
388 pages
ISBN:1595930620
DOI:10.1145/1065167
  • General Chair:
  • Georg Gottlob,
  • Program Chair:
  • Foto Afrati
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 June 2005

Permissions

Request permissions for this article.

Check for updates

Qualifiers

  • Article

Conference

SIGMOD/PODS05

Acceptance Rates

Overall Acceptance Rate 642 of 2,707 submissions, 24%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)5
  • Downloads (Last 6 weeks)0
Reflects downloads up to 16 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2011)A Survey of Symbolic Methods in Computational Analysis of Cryptographic SystemsJournal of Automated Reasoning10.1007/s10817-010-9187-946:3-4(225-259)Online publication date: 1-Apr-2011
  • (2008)Computational soundness of non-malleable commitmentsProceedings of the 4th international conference on Information security practice and experience10.5555/1788494.1788520(361-376)Online publication date: 21-Apr-2008
  • (2008)Dynamic access-control policies on XML encrypted dataACM Transactions on Information and System Security10.1145/1284680.128468410:4(1-37)Online publication date: 22-Jan-2008
  • (2008)Sound and complete computational interpretation of symbolic hashes in the standard modelTheoretical Computer Science10.1016/j.tcs.2007.11.011394:1-2(112-133)Online publication date: 20-Mar-2008
  • (2007)Tackling adaptive corruptions in multicast encryption protocolsProceedings of the 4th conference on Theory of cryptography10.5555/1760749.1760752(21-40)Online publication date: 21-Feb-2007
  • (2007)Optimizing Tree Pattern Queries over Secure XML DatabasesSecure Data Management in Decentralized Systems10.1007/978-0-387-27696-0_5(127-165)Online publication date: 2007
  • (2006)Efficient secure query evaluation over encrypted XML databasesProceedings of the 32nd international conference on Very large data bases10.5555/1182635.1164140(127-138)Online publication date: 1-Sep-2006
  • (2006)Corrupting one vs. corrupting manyProceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II10.1007/11787006_7(70-82)Online publication date: 10-Jul-2006

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media