The frequency and severity of a number of recent intrusions involving data theft and leakages have shown that online users' trust, voluntary or not, in the ability of third parties to protect their sensitive data is often unfounded. Data may be exposed anywhere along a corporation's web pipeline, from the outward-facing web servers to the back-end databases. The problem is exacerbated in service-oriented architectures (SOAs) where data may also be exposed as they transit between SOAs. For example, credit card numbers may be leaked during transmission to or handling by transaction-clearing intermediaries. We present F3ildCrypt, a system that provides end-to-end protection of data across a web pipeline and between SOAs. Sensitive data are protected from their origin (the user's browser) to their legitimate final destination. To that end, F3ildCrypt exploits browser scripting to enable application- and merchant-aware handling of sensitive data. Such techniques have traditionally been considered a security risk; to our knowledge, this is one of the first uses of web scripting that enhances overall security. Our approach scales well in the number of public key operations required for web clients and does not reveal proprietary details of the logical enterprise network. We evaluate F3ildCrypt and show an additional cost of 40 to 150 ms when making sensitive transactions from the web browser, and a processing rate of 100 to 140 protected fields/second on the server. We believe such costs to be a reasonable tradeoff for increased sensitive-data confidentiality.