Title :
Realizing fine-granular Read and Write Rights on Tree Structured Documents
Author_Institution :
Syst. Security Group, Klagenfurt Univ.
Abstract :
Partial encryption of contents in tree structured documents like XML allows defining fine-granular local access control on nodes for different users: depending on the read permissions, a user gets keys and can decrypt encrypted document parts. However, this approach leads to a management of countless keys. The main goal of the presented key management scheme is to reduce the effort for the key management in tree structured documents in order to achieve a simple key retrieval. In contrast to existing approaches, write permissions are introduced, allowing only authorized users valid write operations in such documents. To reduce the key storage, a derivation of read permissions from write permissions is presented, while read permissions and write permissions are inherited from parent nodes. Among read and write permissions, rights for structural modifications are included to guarantee the authenticity of such documents. Additionally, the problem of key transmission, the evaluation of data overhead for a realization of this scheme, and security aspects are discussed.
Keywords :
XML; authorisation; cryptography; tree data structures; authorization; document authenticity; document read-and-write rights; key management; key retrieval; key transmission; local access control; partial content encryption; security; tree structured documents; Access control; Cryptography; Data security; Digital audio broadcasting; Logic; Permission; Protection; Resource management; Secure storage
Conference_Title :
Availability, Reliability and Security, 2007. ARES 2007. The Second International Conference on
Conference_Location :
Vienna
Print_ISBN :
0-7695-2775-2
DOI :
10.1109/ARES.2007.121