Entry Bouganim:2008:DAC from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017                Valid HTML 3.2!


BibTeX entry

@Article{Bouganim:2008:DAC,
  author =       "Luc Bouganim and Fran{\c{c}}ois Dang Ngoc and Philippe
                 Pucheral",
  title =        "Dynamic access-control policies on {XML} encrypted
                 data",
  journal =      j-TISSEC,
  volume =       "10",
  number =       "4",
  pages =        "4:1--4:??",
  month =        jan,
  year =         "2008",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/1284680.1284684",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Thu Jun 12 17:52:24 MDT 2008",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "The erosion of trust put in traditional database
                 servers and in Database Service Providers and the
                 growing interest for different forms of selective data
                 dissemination are different factors that lead to move
                 the access-control from servers to clients. Different
                 data encryption and key dissemination schemes have been
                 proposed to serve this purpose. By compiling the
                 access-control rules into the encryption process, all
                 these methods suffer from a static way of sharing data.
                 With the emergence of hardware security elements on
                 client devices, more dynamic client-based
                 access-control schemes can be devised. This paper
                 proposes a tamper-resistant client-based XML
                 access-right controller supporting flexible and dynamic
                 access-control policies. The access-control engine is
                 embedded in a hardware-secure device and, therefore,
                 must cope with specific hardware resources. This engine
                 benefits from a dedicated index to quickly converge
                 toward the authorized parts of a potentially streaming
                 XML document. Pending situations (i.e., where data
                 delivery is conditioned by predicates, which apply to
                 values encountered afterward in the document stream)
                 are handled gracefully, skipping, whenever possible, the
                 pending elements and reassembling relevant parts when
                 the pending situation is solved. Additional security
                 mechanisms guarantee that (1) the input document is
                 protected from any form of tampering and (2) no
                 forbidden information can be gained by replay attacks
                 on different versions of the XML document and of the
                 access-control rules. Performance measurements on
                 synthetic and real datasets demonstrate the
                 effectiveness of the approach. Finally, the paper
                 reports on two experiments conducted with a prototype
                 running on a secured hardware platform.",
  acknowledgement = ack-nhfb,
  articleno =    "4",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
  keywords =     "access-control; data confidentiality; smartcard;
                 ubiquitous data management",
}

Related entries