skip to main content
research-article

Security analysis of cryptographically controlled access to XML documents

Published: 15 May 2008 Publication History

Abstract

Some promising recent schemes for XML access control employ encryption for implementing security policies on published data, avoiding data duplication. In this article, we study one such scheme, due to Miklau and Suciu [2003]. That scheme was introduced with some intuitive explanations and goals, but without precise definitions and guarantees for the use of cryptography (specifically, symmetric encryption and secret sharing). We bridge this gap in the present work. We analyze the scheme in the context of the rigorous models of modern cryptography. We obtain formal results in simple, symbolic terms close to the vocabulary of Miklau and Suciu. We also obtain more detailed computational results that establish security against probabilistic polynomial-time adversaries. Our approach, which relates these two layers of the analysis, continues a recent thrust in security research and may be applicable to a broad class of systems that rely on cryptographic data protection.

References

[1]
Abadi, M., and Rogaway, P. 2002. Reconciling two views of cryptography (The computational soundness of formal encryption). J. Crypt. 15, 2, 103--127.
[2]
Adam, N. R., and Worthmann, J. C. 1989. Security-control methods for statistical databases: A comparative study. ACM Comput. Surv. 21, 4, 515--556.
[3]
Backes, M., Pfitzmann, B., and Waidner, M. 2003. A composable cryptographic library with nested operations. In Proceedings of the 10th ACM Conference on Computer and Communications Security. ACM, New York, 220--330. (Long version: IACR ePrint Archive, Report 2003/015.)
[4]
Bellare, M., and Rogaway, P. 2005. Introduction to modern cryptography. (Available at: http://www.cs.ucsd.edu/~mihir/cse207/classnotes.html.)
[5]
Bertino, E., Carminati, B., and Ferrari, E. 2002. A temporal key management scheme for secure broadcasting of XML documents. In Proceedings of the 8th ACM Conference on Computer and Communications Security. ACM, New York, 31--40.
[6]
Bertino, E., Castano, S., and Ferrari, E. 2001. Author-X: A comprehensive system for securing XML documents. IEEE Internet Comput. 5, 3, 21--31.
[7]
Canetti, R., Dwork, C., Goldreich, O., and Naor, M. 1996. Adaptively secure multiparty computation. In Proceedings of the 28th ACM Symposium on Theory of Computing. ACM, New York, 639--648.
[8]
Castano, S., Fugini, M. G., Martella, G., and Samarati, P. 1995. Database Security. Addison-Wesley -- ACM Press, New York.
[9]
Crampton, J. 2004. Applying hierarchical and role-based access control to XML documents. In Proceedings of the ACM Workshop on Secure Web Services. ACM, New York, 41--50.
[10]
Damiani, E., de Capitani di Vimercati, S., Paraboschi, S., and Samarati, P. 2002. A fine-grained access control system for XML documents. ACM Trans. Inf. Syst. Sec. 5, 2, 169--202.
[11]
Dolev, D., Dwork, C., and Naor, M. 2000. Non-malleable cryptography. SIAM J. Comput. 30, 2, 391--437.
[12]
Dwork, C., Naor, M., Reingold, O., and Stockmeyer, L. J. 2003. Magic functions. J. ACM 50, 6, 852--921.
[13]
Eastlake, D., and Reagle, J. 2002. XML encryption syntax and processing. http://www.w3.org/TR/xmlenc-core.
[14]
Gifford, D. K. 1982. Cryptographic sealing for information secrecy and authentication. Commun. ACM 25, 4, 274--286.
[15]
Goldwasser, S., and Micali, S. 1984. Probabilistic encryption. J. Comput. Syst. Sci. 28, 270--299.
[16]
Herzog, J. 2004. Computational soundness for standard assumptions of formal cryptography. Ph.D. dissertation, Massachusetts Institute of Technology, Cambridge, MA.
[17]
Kudo, M., and Hada, S. 2000. XML document security based on provisional authorization. In Proceedings of the 7th ACM Conference on Computer and Communications Security. ACM, New York, 87--96.
[18]
Laud, P. 2004. Symmetric encryption in automatic analyses for confidentiality against active adversaries. In Proceedings of the 2004 IEEE Symposium on Security and Privacy. IEEE Computer Society Press, Los Alamitos, CA, 71--85.
[19]
Micciancio, D. 2004. Towards computationally sound symbolic security analysis. (Talk at DIMACS; slides available at: http://dimacs.rutgers.edu/Workshops/Protocols/slides/micciancio.pdf.)
[20]
Micciancio, D., and Panjwani, S. 2005. Adaptive security of symbolic encryption. In Proceedings of the Symposium on Theory of Cryptography Conference (TCC 2005). Springer-Verlag, New York, 169--187.
[21]
Micciancio, D., and Panjwani, S. 2006. Corrupting one vs. corrupting many: The case of broadcast and multicast encryption. In Automata, Languages and Programming, 33rd International Colloquium, Proceedings, Part II. Springer-Verlag, New York, 70--82.
[22]
Micciancio, D., and Warinschi, B. 2004. Soundness of formal encryption in the presence of active adversaries. In Proceedings of the Theory of Cryptography Conference (TCC 2004). Springer-Verlag, New York, 133--151.
[23]
Miklau, G., and Suciu, D. 2003. Controlling access to published data using cryptography. In VLDB 2003: 29th International Conference on Very Large Data Bases. ACM, New York, 898--909.
[24]
Shamir, A. 1979. How to share a secret. Commun. ACM 22, 11, 612--613.
[25]
Ullman, J. 1983. Principles of Database Systems. Computer Science Press, Potomac, MD.
[26]
Yang, X., and Li, C. 2004. Secure XML publishing without information leakage in the presence of data inference. In VLDB 2004: 30th International Conference on Very Large Data Bases. ACM, New York, 96--107.

Cited By

View all
  • (2019)Symbolic Encryption with Pseudorandom KeysAdvances in Cryptology – EUROCRYPT 201910.1007/978-3-030-17659-4_3(64-93)Online publication date: 19-May-2019
  • (2018)Symbolic Security of Garbled Circuits2018 IEEE 31st Computer Security Foundations Symposium (CSF)10.1109/CSF.2018.00018(147-161)Online publication date: Jul-2018
  • (2017)A Framework for the Cryptographic Enforcement of Information Flow PoliciesProceedings of the 22nd ACM on Symposium on Access Control Models and Technologies10.1145/3078861.3078868(143-154)Online publication date: 7-Jun-2017
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image Journal of the ACM
Journal of the ACM  Volume 55, Issue 2
May 2008
282 pages
ISSN:0004-5411
EISSN:1557-735X
DOI:10.1145/1346330
Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 May 2008
Accepted: 01 May 2007
Received: 01 January 2007
Published in JACM Volume 55, Issue 2

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Access control
  2. XML
  3. authorization
  4. encryption

Qualifiers

  • Research-article
  • Research
  • Refereed

Funding Sources

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)6
  • Downloads (Last 6 weeks)1
Reflects downloads up to 16 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2019)Symbolic Encryption with Pseudorandom KeysAdvances in Cryptology – EUROCRYPT 201910.1007/978-3-030-17659-4_3(64-93)Online publication date: 19-May-2019
  • (2018)Symbolic Security of Garbled Circuits2018 IEEE 31st Computer Security Foundations Symposium (CSF)10.1109/CSF.2018.00018(147-161)Online publication date: Jul-2018
  • (2017)A Framework for the Cryptographic Enforcement of Information Flow PoliciesProceedings of the 22nd ACM on Symposium on Access Control Models and Technologies10.1145/3078861.3078868(143-154)Online publication date: 7-Jun-2017
  • (2016)Universally Composable Cryptographic Role-Based Access ControlProceedings of the 10th International Conference on Provable Security - Volume 1000510.1007/978-3-319-47422-9_4(61-80)Online publication date: 10-Nov-2016
  • (2015)An access control model for protecting provenance graphs2015 13th Annual Conference on Privacy, Security and Trust (PST)10.1109/PST.2015.7232963(125-132)Online publication date: Jul-2015
  • (2015)Policy Privacy in Cryptographic Access ControlProceedings of the 2015 IEEE 28th Computer Security Foundations Symposium10.1109/CSF.2015.11(46-60)Online publication date: 13-Jul-2015
  • (2013)Access control requirements for structured document in cloud computingInternational Journal of Grid and Utility Computing10.1504/IJGUC.2013.0562444:2/3(95-102)Online publication date: 1-Sep-2013
  • (2013)Cryptographically Enforced RBACProceedings of the 2013 IEEE 26th Computer Security Foundations Symposium10.1109/CSF.2013.15(115-129)Online publication date: 26-Jun-2013
  • (2012)Computationally sound analysis of Diffie-Hellman-based protocols and encryption cycles2012 IEEE International Conference on Oxide Materials for Electronic Engineering (OMEE)10.1109/OMEE.2012.6343589(402-404)Online publication date: Sep-2012
  • (2011)Computational soundness about formal encryption in the presence of secret shares and key cyclesProceedings of the 13th international conference on Information and communications security10.5555/2075719.2075724(29-41)Online publication date: 23-Nov-2011
  • Show More Cited By

View Options

Login options

Full Access

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media