DDH-based group key agreement in a mobile environment
Journal of Systems and Software
| Hi-index | 0.00 |
XML has been becoming popular for datastore, document representation and exchange over theweb.Security mechanisms for the protection of XMLdocument sources and their distribution are essential.Author-X is a Java based system specifically conceivedfor the protection of XML documents.It supports arange of protection granularity levels and subject credentials,but also supports push distribution for documentsbroadcast.However, the proposed system hascertain disadvantages in terms of both security and dynamickey management.For example, a sender has todistribute the secret keys to all correspondent users fordifferent XML documents.Also, if one of the usersleave or a credential is changed, then the sender has tore-encrypt all related documents and redistribute thesecret keys to all correspondent users.In this paper,we present a novel scheme for securing XML documentsand their distribution.Our scheme has several advantages over Author-X such as (a) one user needs only oneprivate key, (b) even when the user leaves or a credentialis changed, all the other users will be unaffected(c) there is no need to establish a secure channel forkey distribution and (d) there is no need for checkingthe XML documents for access control policies applied.These make the security model more efficient and robustas well as simplifying the programming and thegeneration of the encrypted document base.