An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
Using digital credentials on the World Wide Web
Journal of Computer Security - Special issue on security in the World Wide Web
Handbook of Applied Cryptography
Handbook of Applied Cryptography
Securing XML Documents with Author-X
IEEE Internet Computing
A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy
IEEE Transactions on Knowledge and Data Engineering
Safeguarding Digital Library Contents and Users: Assuring ConvenientSecurity and Data Quality
Safeguarding Digital Library Contents and Users: Assuring ConvenientSecurity and Data Quality
DigiBox: a self-protecting container for information commerce
WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1
Selective and Authentic Third-Party Distribution of XML Documents
IEEE Transactions on Knowledge and Data Engineering
Security analysis of cryptographically controlled access to XML documents
Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Applying hierarchical and role-based access control to XML documents
SWS '04 Proceedings of the 2004 workshop on Secure web service
Provably-secure time-bound hierarchical key assignment schemes
Proceedings of the 13th ACM conference on Computer and communications security
On the efficiency of secure XML broadcasting
Information Sciences: an International Journal
Security analysis of cryptographically controlled access to XML documents
Journal of the ACM (JACM)
Efficient key management for cryptographically enforced access control
Computer Standards & Interfaces
Automatic transformations between geoscience standards using XML
Computers & Geosciences
Trade-Offs in Cryptographic Implementations of Temporal Access Control
NordSec '09 Proceedings of the 14th Nordic Conference on Secure IT Systems: Identity and Privacy in the Internet Age
Preserving SQL access control policies over published XML data
Proceedings of the 2009 EDBT/ICDT Workshops
Access control policy translation and verification within heterogeneous data federations
Proceedings of the 15th ACM symposium on Access control models and technologies
Practical and efficient cryptographic enforcement of interval-based access control policies
ACM Transactions on Information and System Security (TISSEC)
Cryptographic enforcement of role-based access control
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Time-storage trade-offs for cryptographically-enforced access control
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
ACM Transactions on Information and System Security (TISSEC)
Comparison-based encryption for fine-grained access control in clouds
Proceedings of the second ACM conference on Data and Application Security and Privacy
GPC'10 Proceedings of the 5th international conference on Advances in Grid and Pervasive Computing
Confidentiality enforcement for XML outsourced data
EDBT'06 Proceedings of the 2006 international conference on Current Trends in Database Technology
A note on time-bound hierarchical key assignment schemes
Information Processing Letters
| Hi-index | 0.00 |
Secure broadcasting of web documents is becoming a crucial need for many web-based applications. Under the broadcast document dissemination strategy a web document source periodically broad-casts (portions of) its documents to a possibly large community of subjects, without the need of explicit subject requests. By secure broadcasting we mean that the delivery of information to sub-jects must obey the access control policies of the document source. Since different subjects may have the right to access different portions of the same document, enforcing secure broadcasting requires to efficiently manage a large number of different physical views of the requested document and sending them to the proper subjects. In this paper we present an approach to secure broadcasting of web documents, based on the use of encryption techniques, and supporting the specification of fine-grained temporal access control policies. The idea is to generate a unique encrypted copy of the document to be released, where different portions of the docu-ment are encrypted with different keys, on the basis of the specified access control policies. Each subject then obtains the secret keys corresponding to document portions he/she is authorized to access. The key aspect of our approach is that the number of keys to be generated does not depend on the number of subjects nor on the document dimension, but only on the number of specified access control policies and the associated temporal constraints.