1 / 55

Using Multi-Encryption to Provide Secure and Controlled Access to XML Documents

Using Multi-Encryption to Provide Secure and Controlled Access to XML Documents. Tomasz Müldner , Jodrey School of Computer Science, Acadia University, Wolfville, NS, Canada Gregory Leighton , Department of Computer Science, University of Calgary, Calgary, Canada

buck
Download Presentation

Using Multi-Encryption to Provide Secure and Controlled Access to XML Documents

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Using Multi-Encryption to Provide Secure and Controlled Access to XML Documents Tomasz Müldner, Jodrey School of Computer Science, Acadia University, Wolfville, NS, Canada Gregory Leighton, Department of Computer Science, University of Calgary, Calgary, Canada Krzysztof Miziołek, Centre for Studies on the Classical Tradition in Poland and East-Central Europe,Warsaw University, Warsaw, Poland The Extreme Markup Languages Conference, Montreal, August 7-11, 2006

  2. GOAL • Share XML documents within decentralized and distributed computing environments. • We need mechanisms to facilitate controlled and secure access to these documents.

  3. TERMINOLOGY • Access Control: • Different users have different access rights • Access right are defined using permission policies • Permission policies may be • Static • Dynamic • Permission policies may define accessors, using • Roles, such as auditor • Credentials, such as defined by an XPath

  4. GOAL • Share XML documents within decentralized and distributed computing environments. • We need mechanisms to facilitate controlled and secure access to these documents. • the ability to make selective (parts of) documents available to users in multiple, possibly overlapping roles

  5. INTRODUCTION I will make my parts of the document available to some users Multiple users access the same document

  6. INTRODUCTION Select nodes which can be accessed –use them to create an XML document (a view) Multiple views • Problems: • A view may be invalid. • overhead

  7. INTRODUCTION Publish a single view

  8. SUMMARY We consider: • XML documents accessed by multiple users in P2P environments • using static permission policies • using role-based policies • permissions are represented by meta-information which is visible only to authorized users • We describe permission policies implemented using cryptographic tools: • a key encryption function, which generates internal keys needed to provide controlled access • use of multi-encryption to provide access specified by the permission policy

  9. Encrypted with more than one key Various elements are encrypted with different keys TERMINOLOGY • Super-encryption • Multiple-encryption • Partial encryption

  10. TABLE OF CONTENTS • Security • Overview of controlled access • Detailed description of access to parts of documents • Permission policy • Key encryption function • Encrypting largest parts • Step 1: Encryption • Step 2: Meta-information • Multi-encrypted document • Access • Future work

  11. SECURITY: ISSUES • Confidentiality • Integrity • Authentication

  12. Cyphertext Plain text CONFIDENTIALITY

  13. Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document SYMMETRIC ENCRYPTION

  14. ASYMMETRIC ENCRYPTION Public key Private key

  15. Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Encrypted Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document Document ASYMMETRIC ENCRYPTION

  16. INTEGRITY Your new salary will be $5,000 Your new salary will be $1,000

  17. CRYPTOGRAPHIC HASH THIS IS MY TEXT hash Encrypted DIGEST

  18. DIGITAL SIGNATURE THIS IS MY TEXT SIGNED TEXT: THIS IS MY TEXT DIGEST

  19. CERTIFICATE

  20. TABLE OF CONTENTS • Security • Overview of controlled access • Detailed description of access to parts of documents • Permission policy • Key encryption function • Encrypting largest parts • Step 1: Encryption • Step 2: Meta-information • Multi-encrypted document • Access • Future work

  21. CONTROLLING ACCESS: BASIC CONCEPTS • Roles identify subjects. Fixed set of roles Ψ = {R1, R2, ..., Rt} • Views are parts of the document • Permission policy associates roles with the specific type of permissions (read/write access) for one or more views • Creator of the document defines a permission policy that specifies the access for selected roles

  22. CONTROLLING ACCESS: USE OF KEYS • (Asymmetric) Keyκ is a pair (public part, private part) • For each role R, there is an external keyκR associated with this role • Users who enter the system are assigned one or more roles • The private part of the external key κR is available only to users who are currently in role R.This key will give access to internal keys.

  23. TABLE OF CONTENTS • Security • Overview of controlled access • Detailed description of access to parts of documents • Permission policy • Key encryption function • Encrypting largest parts • Step 1: Encryption • Step 2: Meta-information • Multi-encrypted document • Access • Future work

  24. Instructor Student CONTROLLING ACCESS: VIEWS Definition 1. For an XML document D, a view VD = (D, e), where e is an extended Xpath for D. Here, an extended Xpath is of the form: • p • ¬ p where p is a correct Xpath expression. Intuition: A view represents a tree fragment for which we define an access.

  25. VIEWS To define permissions for the document D, we define (in any order): • a number of views (let V be the union of all these views) • a special view: Vread/ write Let V0 = D-(VVread/ write) be the of all elements which have not been defined in the above procedure. These elements will be hidden, i.e. encrypted and inaccessible to any user

  26. VIEWS and ROLES The next step in defining permissions involve associating roles and views. Definition 2a. Given an XML document D, a role RjΨ, VDi - views of D for i = 1,...,k A single permission is: pj = [Rj, read, VDi1,VDi2,...,VDim, write, VDh1,VDh2,...,VDhn ] (m,n≤k). Here, a write permission does not automatically give a read permission Conventions; e.g. skip the write part if there are no views in this part.

  27. PERMISSION POLICY Definition 2b. Given an XML document D, VDi - views of D for i = 1,...,k a permission policyΠ(D) = {p1,p2,...,pt , Vread/ write } Protection requirement: the user in role R can access precisely the set of nodes defined by the union of all views associated with R (by the permission for R) as well as nodes from the set Vread/ write

  28. MULTI-VIEW DOCUMENT Definition 3. Given • an XML document D • a permission policy Π(D) a multi-view document DΠ = [D, VD0,VD1,...,VDk], where • VD1,...,VDkare all the views in Π(D) • VD0 contains all nodes which don’t belong to any viewVDi, i = 1,2,...,k

  29. Example Example. Roles: Auditor (access to employees in Marketing) Checker (access to H-R and Marketing, level < 9) Permission policy Π(D) [Auditor, read, /organization/department[@name="Marketing"]/*] [Checker, read, /organization/department[@name="Marketing"]/employee[@level<9]| /organization/department[@name="H-R"]/*]

  30. TABLE OF CONTENTS • Security • Overview of controlled access • Detailed description of access to parts of documents • Permission policy • Key encryption function • Encrypting largest parts • Step 1: Encryption • Step 2: Meta-information • Multi-encrypted document • Access • Future work

  31. V1 d1 d2 d3 κ1 V2 D κ2 ASSIGNING KEYS Various parts of the document will be encrypted with different internal keys. However, these keys can not be assigned per-view:

  32. KEY ASSIGNMENT Key Assignment assigns keys to nodes in a document, based on how the set of nodes is partitioned by views. Let’s now fix an XML document D, a permission policy Π(D), and the corresponding multi-view documentDΠ = [D, VD0,VD1,...,VDk], and consider a set of keys Κ. • The key assignment function ξ:D->K will be used as follows: • the node sDwill be encrypted with x(s) • to encrypt nodes in VDi we will need the set of keys Neededξ(VDi)= x(VDi) • the set of nodes in D that can be decrypted with keys from the set of keys K0 is defined as Availableξ(K0) = x-1(K0) The protection requirement for the view VDi is satisfied iff Availableξ(Neededξ(VDi))= VDi.

  33. V1 d1 d2 d3 κ1 V2 ξ D κ2 K KEY ASSIGNMENT Availableξ(Neededξ(VDi))= VDi. True for any one-to-one function ξ:D->K, however such functions may unnecessarily assign too many keys. “Weaker” functions may be sufficient: Neededξ(V1) = {κ1}, Availableξ({κ1}) = V1 Neededξ(V2) = {κ1,κ2}, Availableξ ({κ1,κ2}) = V2

  34. V1 d1 d2 d3 χ V2 1 1 1 1 D 0 1 KEY ASSIGNMENT We define a characteristic vector χ:D{0,1}n where n is the total number of views, as follows: χ(s) = {[c1,c2,...cn]: for i=1,2,…,n, ci = 1 if sVDi and 0 otherwise}

  35. χ d1 d2 d3 κ1 1 1 ξ 1 1 D 0 1 κ2 K The above key assignment is correct. KEY ASSIGNMENT Definition 4. A key assignment ξ:D->K is said to be correct if it satisfies the following condition: ξ(s) = ξ(t) iffχ(s) = χ(t) for any two elements s,tD (weaker than one-to-one) Note: The set of all elements that belong to a single view is assigned the same key

  36. KEY ASSIGNMENT Lemma 1. If the key assignment ξ is correct then the protection requirement is satisfied, i.e. Availableξ(Neededξ(VDi)) = VDi, for i = 1,2,...,n.

  37. d1 d2 d3 κ1 χ 1 1 D κ2 ξ 1 1 0 1 K KEY ASSIGNMENT Key Assignment Algorithm 1. Input: DΠ = [D, VD0,VD1,...,VDk], Output: correct key assignment ξ:DK.

  38. KEY ASSIGNMENT Theorem 1. The key assignment algorithm produces a correct key assignment, its time complexity is O(m), where m is the number of elements in D, and it produces the minimum number of keys. ▄

  39. TABLE OF CONTENTS • Security • Overview of controlled access • Detailed description of access to parts of documents • Permission policy • Key encryption function • Encrypting largest parts • Step 1: Encryption • Step 2: Meta-information • Multi-encrypted document • Access • Future work

  40. SUBTREES IDENTIFICATION Fixed XML document D, and permission policy Π(D). A subtree rooted at dD is called complete if it consists of all descendents of d and is of height at least two. Subtrees Identification Algorithm 2. Input: multi-view XML document DΠ = [D, VD0,VD1,...,VDk], Output: set ΘD = {largest complete subtrees θ(d), dD, which are rooted at d, and whose nodes have all the same characteristic vector; i.e. belong to the same set of views in DΠ}.

  41. TABLE OF CONTENTS • Security • Overview of controlled access • Detailed description of access to parts of documents • Permission policy • Key encryption function • Encrypting largest parts • Creating a multi-encrypted document. Step 1: Encryption • Step 2: Meta-information • Access • Future work

  42. MULTI-ENCRYPTION:INTRODUCTION • The creator (owner) of the document D wants to define for various users access permissions to this document through the permission policy Π. • Based on specifications in Π, the system will createthe multi-encrypted documentEncΠ(D). • The documentEncΠ(D) will be made available to other users, who will access the allowed parts of D for a role R as long as they are in this role.

  43. MULTI-ENCRYPTION: INTRODUCTION There are two steps: • Generate internal keys and use them to encrypt largest subtrees • Add meta-information that specifies user’s permissions

  44. STEP 1: ENCRYPTION Consider a multi-view document based on the permission policy Π DΠ = [D, VD0,VD1,...,VDk], Let ξ be the key mapping generated by the Algorithm 1and ΘD be the set of trees generated by the Algorithm 2. Elements dVread/writeare not encrypted; the remaining elements are encrypted using the private part of the internal key ξ(d): • for dD which are roots of trees from ΘD, encrypt the entire tree θ(d) using the W3C XML encryption standard • for remaining dD, use a single-element encryption The structure of the encrypted document is partly visible.

  45. SUBTREES IDENTIFICATION Encrypted Fixed XML document D, and permission policy Π(D). A subtree rooted at dD is called complete if it consists of all descendents of d and is of height at least two. Subtrees Identification Algorithm 2. Input: multi-view XML document DΠ = [D, VD0,VD1,...,VDk], Output: set ΘD = {largest complete subtrees θ(d), dD, which are rooted at d, and whose nodes have all the same characteristic vector; i.e. belong to the same set of views in DΠ}. Encrypted Enc. Enc. STEP 1: EXAMPLE

  46. TABLE OF CONTENTS • Security • Overview of controlled access • Detailed description of access to parts of documents • Permission policy • Key encryption function • Encrypting largest parts • Step 1: Encryption • Step 2: Meta-information • Multi-encrypted document • Access • Future work

  47. ACLD STEP 2: ADDING META INFORMATION To the encrypted document from Step 1, we add additional meta-nodes. For each role, one meta-node is added to as child of the root signed using the creator’s private part of the key κC D

  48. META INFORMATION A meta-node contains a <role> element, which defines read or write permission for one or more nodes, corresponding to the views associated with this role. <role name="R"> <permission name="read"> <node xpath="..." key="..."/> </permission> … </role> This design supports pseudo-anonymity requirement: meta-information specifying what parts of the document are available in role R is visible only to the user in role R Encrypted with the public part of the external key associated with the corresponding role

  49. TABLE OF CONTENTS • Security • Overview of controlled access • Detailed description of access to parts of documents • Permission policy • Key encryption function • Encrypting largest parts • Step 1: Encryption • Step 2: Meta-information • Multi-encrypted document • Access • Future work

  50. MULTI-ENCRYPTION Definition 7. Consider an XML document D and a permission policy Π(D). Multi-encrypted document EncΠ(D) = [Encrypted(D), CertD] certificate CertD (signed by the certificate authority) contains the identification of the owner, the digital signature of the ACLD, and the public part of the creator’s key κC

More Related