Abstract
XML (eXtensible Markup Language) is the de-facto standard for document representation and exchange on the Web. Researchers have previously proposed access control models and schemes for XML documents that allow one to disseminate selectively, portions of an XML document to the user community based on different policies. Such selective dissemination of an XML document creates a new problem, namely, how to authenticate portions of the XML document independent of other portions andlor the complete document. In this paper, we present a novel scheme based on one-way accumulator functions that allows the user to have a guarantee that a portion of an XML document does indeed belong to the original document.
Chapter PDF
Reference
P. Devanbu, M. Gertz, A. Kwong, C. Martel, G. Nuckolls, S. G. Stubblebine. “Flexible Authentication of XML Document,” Proceedings. of the 8 th ACM conference on Computer and Communications Security, pp. 136–145, November 2001.
J.C. Benaloh and M. de Mare. “One-way accumulators: A Decentralized Alternative to Digital Signatures,” Proceedings of EUROCRYPT’93: Advances in Cryptology, Lecture Notes in Computer Science, vol. 765, pp 274–285, Springer-Verlag, 1993.
R. Merkle, “A Digital Signature Based on a Conventional Encryption Function,” Proceedings of Crypto ’87: Advances in Cryptology, Lecture Notes in Computer Science, vol. 293, pp.369–378, Springer-Verlag, 1987.
D. Eastlake, J. Reagle and D. Solo, “XML-Signature Syntax and processing”, W3C Recommendation, February 2002.
A. Shamir, “On the Generation of Cryptographically Strong PseudoRandom Sequences.” Proceedings of the 8th Colloquium on Automata, Languages and Programming ICALP ’81, Lecture Notes in Computer Science, vol. 115, pp 544–550, Springer-Verlag, 1981.
Digest Values for DOM (DOMHASH). RFC 2803 Internet Society, available from http://www.faqs.org/rfcs/rfc2803.html, April 2000
Elisa Bertino and Elena Ferrari, “Secure and Selective Dissemination of XML Documents,” ACM Transactions on Information and System Security, Vol. 5, No. 3, August 2002, pp. 290–331
J. Cowan, “XML Information Set”. W3C Recommendation, October 2001.
J. Clark and S. DeRose, “SML Path Language (XPath)”. W3C Recommendation, November 1999.
R. Merkle, “A Certified Digital Signature”. In Advances in Cryptology-CRYPTO’89. Lecture Notes in Computer Science, vol. 435, pp 234–246, Springer-Verlag 1989.
R. Steinfeld, L. Bull and Y. Zheng, “Content Extraction Signatures”, Proceedings of the 4th International Conference on Information Security and Cryptology (ICISC 2001), Lecture Notes in Computer Science, vol. 2288, pp. 285–304, Springer-Verlag 2001.
H. Maruyama, K. Tamura, and N. Uramoto, “XML and Java, Developing Web Applications,” Addison Wesley 1999.
R. Nyberg, “Fast Accumulated Hashing”, Proceedings of the 3rd International Workshop on Fast Softtware Encryption. Cambridge, U.K. 1996. Published as D. Gollman editor, Lecture Notes in Computer Science, vol. 1039, pp 83–87, Springer-Verlag 1996.
N. Baric and B. Pfitzmann, “Collision-free accumulators and failstop signature schemes without trees”, Proceedings ofEUROCRYPT ’97: Advances in Cryptology. Lecture Notes in Computer Science vol. 1233, pp 480–494. Springer-Verlag 1997.
R. Gennaro, S. Halevi and T. Rabin, “Secure Hash-and-Sign Signatures Without the Random Oracle” Proceedings of EUROCRYPT ’99: Advances in Cryptology. Lecture Notes in Computer Science, vol. 1592, pp 123–139, Springer-Verlag 1999.
T. Sander, “Efficient Accumulators Without Trapdoor”, Proceedings of the 2th International Conference on Information and Communications Security 1999 (ICICS 1999). Lecture Notes in Computer Science, vol. 1726, pp 252–262, Springer-Verlag 1999.
T. Sander, A. T-Shma and M. Yung, “Blind, Auditable Membership Proofs”, Proceedings of Financial Cryptography ’00, 2000. Lecture Notes in Computer Science, vol. 1962, pp 53–71, Springer-Verlag 2000.
M. T. Goodrich, R. Tamassia and J. Hasic “An Efficient, Dynamic and Distributed Cryptographic Accumulator”, Proceedings of the 5th International Conference on Information Security, 2002. Lecture Notes in Computer Science, vol. 2433, pp 372–388, Springer-Verlag 2002.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ray, I., Kim, E. (2004). Collective Signature for Efficient Authentication of XML Documents. In: Deswarte, Y., Cuppens, F., Jajodia, S., Wang, L. (eds) Security and Protection in Information Processing Systems. SEC 2004. IFIP — The International Federation for Information Processing, vol 147. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8143-X_27
Download citation
DOI: https://doi.org/10.1007/1-4020-8143-X_27
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-8016-1
Online ISBN: 978-1-4020-8143-9
eBook Packages: Springer Book Archive