
Daniel Moran & Marina Yatsina






Presentation Transcript


  1. Daniel Moran & Marina Yatsina Security Analysis of Cryptographically Controlled Access to XML Documents

  2. Introduction Access control through encryption

  3. Access control through encryption Publish data in such a way that each client can only see the appropriate parts.

  4. Access control through encryption – example
     <hospital>
       <physician>
         <administrative> </administrative>
       </physician>
       <nurse>
         <patientID> </patientID>
         <patientID> </patientID>
       </nurse>
     </hospital>

  5. Access control through encryption – example
     <hospital>
       <physician>
         <administrative> </administrative>
       </physician>
       safasfdsfdsgdsgdnml gmpodsngnjyjnsbigfs
     </hospital>
     The physician doesn’t see the nurse’s information.
     <hospital>
       <physician>
         <administrative> </administrative>
       </physician>
       <nurse>
         <patientID> </patientID>
         <patientID> </patientID>
       </nurse>
     </hospital>

  6. Protections – example
     <hospital>
       nvoidsnfnvodsnvonds foinfbidpadmpnfosbgj
       <nurse>
         <patientID> </patientID>
         <patientID> </patientID>
       </nurse>
     </hospital>
     The nurse doesn’t see the physician’s information.
     <hospital>
       <physician>
         <administrative> </administrative>
       </physician>
       <nurse>
         <patientID> </patientID>
         <patientID> </patientID>
       </nurse>
     </hospital>

  7. Access control through encryption
     <hospital>
       <physician>
         <administrative> </administrative>
       </physician>
       <nurse>
         <patientID> </patientID>
         <patientID> </patientID>
       </nurse>
     </hospital>
     “I’m a nurse” / “I’m a physician”
     Publish data in such a way that each client can only see the appropriate parts. An alternative to keeping data on servers and relying on them to mediate between data and clients.

  8. Access control through encryption There is only one copy of the data; each client sees the information in it based on the set of keys he possesses. Publish data in such a way that each client can only see the appropriate parts. An alternative to keeping data on servers and relying on them to mediate between data and clients. Avoids data duplication.

  9. Agenda • Protections. • Security & data secrecy. • Motivation. • Basic notations. • Formal analysis. • Computational analysis. • Summary & conclusions. We need them to understand the motivation.

  10. Agenda • Protections. • Security & data secrecy. • Motivation. • Basic notations. • Formal analysis. • Computational analysis. • Summary & conclusions. Protections

  11. Protections – example
     <hospital>
       <physician>
         <administrative> </administrative>
       </physician>
       <nurse>
         <patientID> </patientID>
         <patientID> </patientID>
       </nurse>
     </hospital>

  12. Protections example cont.

  13. Protections example cont.

  14. Protections • An XML tree in which nodes are guarded by positive boolean formulas over a set of cryptographic keys.

  15. Protections cont. Accessing a node is conditioned on possessing a combination of keys that satisfies the formula that guards the node (and the formulas that guard its ancestors). If you don’t have the key that guards the root, you can’t access any of the nodes.

  16. Protections cont. hospital, physician, administrative. Formally: a protection is a function that maps each possible set of keys to the set of nodes that can be accessed using those keys.

  17. Agenda • Protections. • Security & data secrecy. • Motivation. • Basic notations. • Formal analysis. • Computational analysis. • Summary & conclusions. Security & data secrecy

  18. Security & data secrecy The adversary is given an arbitrary set of keys.

  19. Security & data secrecy cont.
     <theSmurfs> <gargamel /> <papaSmurf /> </theSmurfs>
     <theSmurfs> <gargamel /> <smurfette /> </theSmurfs>
     The adversary selects two documents that contain the same information in the nodes he has access to according to his keys.

  20. Security & data secrecy cont.
     <theSmurfs> <gargamel /> dsdmhtkinhf </theSmurfs>
     The adversary is given a partially encrypted document that corresponds to one of his two documents.

  21. Security & data secrecy cont.
     <theSmurfs> <gargamel /> <papaSmurf /> </theSmurfs>  ?
     <theSmurfs> <gargamel /> dsdmhtkinhf </theSmurfs>
     <theSmurfs> <gargamel /> <smurfette /> </theSmurfs>  ?
     Security means that the adversary cannot decide (better than by picking randomly) which of the two documents was used to create the partially encrypted document.

  22. Security & data secrecy cont. Security means that the adversary cannot decide (better than by picking randomly) which of the two documents was used to create the partially encrypted document. In other words, the partially encrypted document reveals no information about the data in the nodes that should be hidden from the adversary.
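The experiment of slides 18–22, written out as an added Python example; this is not code from the presentation or from the paper it summarizes. It assumes a simplified model: every node is guarded by one key name, the tree shape of the document is public, and a toy nonce-based cipher built from SHA-256 stands in for a real symmetric scheme. Node contents are padded to a fixed length, because otherwise the length of a ciphertext alone would tell the two challenge documents apart, which the indistinguishability definition does not tolerate. The hospital document, key names and contents are all constructed for this example.

```python
import hashlib
import secrets

# Constructed example (not from the slides or the paper): a hospital document whose
# nodes are each guarded by one key name, and the secrecy experiment of slides 18-22.
# A document maps a node path (tuple of tags) to its text; guards map paths to key names.

PAD_LEN = 64  # node payloads are padded to this length before encryption (assumption)

def _keystream_xor(key, nonce, data):
    """XOR `data` with SHA-256(key || nonce || counter) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

def toy_encrypt(key, plaintext):
    """Randomised toy cipher standing in for a real IND-CPA scheme such as AES-GCM.
    Length-prefix and pad so that ciphertext length does not depend on the content."""
    data = plaintext.encode()
    if len(data) > PAD_LEN:
        raise ValueError("payload longer than PAD_LEN")
    padded = len(data).to_bytes(2, "big") + data.ljust(PAD_LEN, b"\0")
    nonce = secrets.token_bytes(16)
    return nonce + _keystream_xor(key, nonce, padded)

def toy_decrypt(key, ciphertext):
    padded = _keystream_xor(key, ciphertext[:16], ciphertext[16:])
    n = int.from_bytes(padded[:2], "big")
    return padded[2:2 + n].decode()

def visible_nodes(guards, key_names):
    """Slide 15 with atomic guards: readable when the node's key and every ancestor's key are held."""
    return {p for p in guards if all(guards[p[:i]] in key_names for i in range(1, len(p) + 1))}

def valid_challenge(guards, adv_key_names, doc0, doc1):
    """Slide 19: the two documents must agree on every node the adversary can read.
    The tree shape is fixed as well; encryption hides contents, not structure."""
    return (set(doc0) == set(doc1) == set(guards)
            and all(doc0[p] == doc1[p] for p in visible_nodes(guards, adv_key_names)))

def partially_encrypt(guards, keys, doc):
    """Slide 20: each node's content is encrypted under the key that guards it."""
    return {p: toy_encrypt(keys[guards[p]], doc[p]) for p in doc}

def decrypt_visible(guards, keys, enc_doc):
    """What a holder of `keys` (name -> bytes) learns from the published document."""
    return {p: toy_decrypt(keys[guards[p]], enc_doc[p]) for p in visible_nodes(guards, set(keys))}

def run_experiment(guards, keys, adv_key_names, doc0, doc1, guess, trials=400):
    """Slide 21: the challenger picks b at random and publishes the partial encryption of
    doc_b; the adversary, holding only adv_key_names, guesses b. Returns the win rate."""
    if not valid_challenge(guards, adv_key_names, doc0, doc1):
        raise ValueError("challenge documents differ on a node the adversary can read")
    adv_keys = {name: keys[name] for name in adv_key_names}
    wins = 0
    for _ in range(trials):
        b = secrets.randbelow(2)
        enc = partially_encrypt(guards, keys, (doc0, doc1)[b])
        wins += guess(guards, adv_keys, enc, doc0, doc1) == b
    return wins / trials

def best_effort_guess(guards, adv_keys, enc, doc0, doc1):
    """Decrypt what the keys allow and compare with both candidates; a valid challenge makes
    both fit, so nothing better than a coin flip remains."""
    seen = decrypt_visible(guards, adv_keys, enc)
    fits = [all(doc[p] == v for p, v in seen.items()) for doc in (doc0, doc1)]
    if fits[0] != fits[1]:
        return 0 if fits[0] else 1
    return secrets.randbelow(2)

# Constructed hospital document and protection (key names and contents are made up).
GUARDS = {
    ("hospital",): "k_hosp",
    ("hospital", "physician"): "k_phys",
    ("hospital", "physician", "administrative"): "k_phys",
    ("hospital", "nurse"): "k_nurse",
    ("hospital", "nurse", "patientID"): "k_nurse",
}
KEYS = {name: secrets.token_bytes(32) for name in ("k_hosp", "k_phys", "k_nurse")}
NURSE_KEYS = {"k_hosp", "k_nurse"}
DOC0 = {p: "" for p in GUARDS}
DOC0[("hospital", "physician", "administrative")] = "on-call roster A"
DOC0[("hospital", "nurse", "patientID")] = "4711"
DOC1 = {**DOC0, ("hospital", "physician", "administrative"): "budget cut memo"}

if __name__ == "__main__":
    print("nurse may challenge with DOC0/DOC1:", valid_challenge(GUARDS, NURSE_KEYS, DOC0, DOC1))
    print("nurse win rate:", run_experiment(GUARDS, KEYS, NURSE_KEYS, DOC0, DOC1, best_effort_guess))
```

The nurse is a legitimate adversary for this pair of documents because they differ only in the physician's administrative node, which her keys do not open; a physician is not, since `valid_challenge` rejects the pair for his key set. With a cipher that is randomised and length-hiding, the nurse's win rate stays around one half no matter how she uses her keys.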

  23. Agenda • Protections. • Security & data secrecy. • Motivation. • Basic notations. • Formal analysis. • Computational analysis. • Summary & conclusions. Motivation

  24. Motivation
     <theSmurfs> <gargamel /> dsdmhtkinhf </theSmurfs>
     <theSmurfs> <gargamel /> <papaSmurf /> </theSmurfs>  ?
     <theSmurfs> <gargamel /> <smurfette /> </theSmurfs>  ?
     Bridge the gap between the abstract semantics of protections and the use of actual keys and (symmetric) encryption. Establish that if data is hidden according to a protection, then it is secret according to the presented definition of secrecy.

  25. Agenda • Protections. • Security & data secrecy. • Motivation. • Basic notations (XML, Protection, Normalized protection, Key shares). • Formal analysis. • Computational analysis. • Summary & conclusions. Basic notations

  26. Basic notations - XML example

  27. Basic notations – XML We describe an XML tree as follows: For example:

  28. Basic notations – Protection Let’s recall:

  29. Basic notations – Protection cont. We describe a protection tree as follows (explanation in a couple of slides):

  30. Basic notations – Protection cont. For example:

  31. Basic notations – Normalized protection In standard encryption schemes we can encrypt under a single key, but not under a boolean combination of keys. Using a simple transformation we can rewrite any protection into an equivalent normalized protection in which all formulas that guard a node are atomic.

  32. Basic notations – Normalized protection Let’s recall:

  33. Basic notations – Normalized protection cont.

  34. Basic notations – Key shares We split a key into two pieces; each piece is called a key share. Key shares are pieces of information that together allow the recovery of the key. No proper subset of the key shares suffices for computing the key. We define:
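A worked version of slides 14–16 (protections as functions from key sets to accessible nodes) and slides 31–34 (normalization and key shares), added here as a Python example; it is not code from the presentation or the paper. It assumes a nested-tuple encoding of positive boolean formulas and a dict encoding of protection trees, and it checks by brute force over every subset of the keys that the normalized protection grants exactly the same nodes as the original. `split_key` and `recover_key` are plain n-of-n XOR shares. The key names, the fresh-key naming scheme and the hospital protection are constructed for this example.

```python
import itertools
import secrets
from functools import reduce

# Constructed example (not from the slides or the paper). Guards are positive boolean
# formulas encoded as nested tuples: ("key", name) | ("and", f, ...) | ("or", f, ...).
# A protection node is {"tag": str, "guard": formula, "children": [node, ...]}.

def satisfied(formula, keys):
    op, *args = formula
    if op == "key":
        return args[0] in keys
    if op == "and":
        return all(satisfied(f, keys) for f in args)
    if op == "or":
        return any(satisfied(f, keys) for f in args)
    raise ValueError(f"unknown connective {op!r}")

def accessible(node, keys, path=()):
    """Slide 16: the node paths readable with `keys`. A node is readable only if its own
    guard and the guards of all its ancestors are satisfied (slide 15)."""
    path = path + (node["tag"],)
    if not satisfied(node["guard"], keys):
        return set()
    result = {path}
    for child in node["children"]:
        result |= accessible(child, keys, path)
    return result

def split_key(key, n):
    """Slide 34: n-of-n XOR sharing; any n-1 shares are uniform and independent of the key."""
    shares = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    shares.append(bytes(reduce(lambda a, b: a ^ b, col) for col in zip(key, *shares)))
    return shares

def recover_key(shares):
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*shares))

class Normalizer:
    """Slides 31-33: rewrite every guard into a single key. An OR becomes a fresh key
    released under each disjunct; an AND becomes a fresh key whose shares are released
    one per conjunct. `material` records what is released to holders of which key."""

    def __init__(self):
        self.count = 0
        self.material = []      # (guard_key, ("key", k)) or (guard_key, ("share", k, i))
        self.share_count = {}   # fresh key -> number of shares it was split into

    def atom(self, formula):
        op, *args = formula
        if op == "key":
            return args[0]
        self.count += 1
        k = f"k_fresh{self.count}"
        if op == "or":
            for f in args:
                self.material.append((self.atom(f), ("key", k)))
        elif op == "and":
            self.share_count[k] = len(args)
            for i, f in enumerate(args):
                self.material.append((self.atom(f), ("share", k, i)))
        else:
            raise ValueError(f"unknown connective {op!r}")
        return k

    def normalize(self, node):
        return {"tag": node["tag"], "guard": ("key", self.atom(node["guard"])),
                "children": [self.normalize(c) for c in node["children"]]}

    def recoverable(self, keys):
        """Keys a holder of `keys` obtains from the released material, as a fixed point."""
        known, shares = set(keys), {}
        while True:
            before = len(known)
            for guard, item in self.material:
                if guard not in known:
                    continue
                if item[0] == "key":
                    known.add(item[1])
                else:
                    got = shares.setdefault(item[1], set())
                    got.add(item[2])
                    if len(got) == self.share_count[item[1]]:
                        known.add(item[1])
            if len(known) == before:
                return known

def same_access(protection, key_names):
    """Check the slide-31 claim on every subset of key_names: the normalized protection
    grants each key set exactly the nodes the original one does."""
    norm = Normalizer()
    norm_tree = norm.normalize(protection)
    for r in range(len(key_names) + 1):
        for subset in itertools.combinations(sorted(key_names), r):
            held = set(subset)
            if accessible(protection, held) != accessible(norm_tree, norm.recoverable(held)):
                return False
    return True

# Constructed protection for the hospital example: administrative data needs both the
# physician key and an admin key; patient IDs are readable by nurses or physicians.
PROTECTION = {"tag": "hospital", "guard": ("or", ("key", "k_phys"), ("key", "k_nurse")), "children": [
    {"tag": "physician", "guard": ("key", "k_phys"), "children": [
        {"tag": "administrative", "guard": ("and", ("key", "k_phys"), ("key", "k_admin")), "children": []}]},
    {"tag": "nurse", "guard": ("key", "k_nurse"), "children": [
        {"tag": "patientID", "guard": ("or", ("key", "k_nurse"), ("key", "k_phys")), "children": []}]},
]}

if __name__ == "__main__":
    print("nurse sees:", sorted(accessible(PROTECTION, {"k_nurse"})))
    print("normalized form equivalent:", same_access(PROTECTION, {"k_phys", "k_nurse", "k_admin"}))
```

Note how the ancestor rule of slide 15 shows up in the data: a physician holding only `k_phys` satisfies the guard on `patientID`, yet cannot reach it because the `nurse` node above it is guarded by `k_nurse`.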

  35. Agenda • Protections. • Security & data secrecy. • Motivation. • Basic notations. • Formal analysis (Expression, Recoverable keys, Structure, Pattern, Pattern-protection semantics). • Computational analysis. • Summary & conclusions. Formal analysis

  36. Formal analysis – Expression Let’s recall:

  37. Formal analysis – Expression cont. We describe expressions as follows: For example:

  38. Formal analysis – Expression cont.
     <hospital>
       <physician>
         <administrative> </administrative>
       </physician>
       safasfdsfdsgdsgdnml gmpodsngnjyjnsbigfs
     </hospital>
     We use expressions to give a precise definition of how a normalized protection is mapped to a partially encrypted document.

  39. Formal analysis – Expression cont. We describe expressions as follows (the protections that appear in them are normalized protections):

  40. Formal analysis – Expression cont. For example:

  41. Formal analysis – Recoverable keys A key is recoverable from an expression E if it occurs in clear (not encrypted) form, or if it’s encrypted under a key that is itself recoverable; the candidates are the key symbols that occur in E or whose shares occur in E. For example:

  42. Formal analysis – Structure We use structures to describe the structure of the partially encrypted document.

  43. Formal analysis – Structure We describe structures as follows:

  44. Formal analysis – Structure cont. Let’s recall:

  45. Formal analysis – Structure cont. Let’s recall:

  46. Formal analysis – Pattern A pattern represents the information an expression reveals to the adversary.

  47. Formal analysis – Pattern We describe the pattern that can be observed in an expression, using the keys of a given set for decryption, as follows:

  48. Formal analysis – Pattern cont. Let’s recall:

  49. Formal analysis – Pattern cont. Let’s recall:

  50. Formal analysis – Pattern cont. We describe patterns as follows: For example:
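Slides 38–50 introduce expressions, recoverable keys and patterns without the formulas surviving in this transcript. The following added Python example (not the presentation's or the paper's code) makes the three notions concrete: an expression is a nested tuple, `recoverable_keys` is the fixed point of slide 41, and `pattern` replaces every ciphertext the key holder cannot open with an opaque box, so two expressions are indistinguishable to that holder exactly when their patterns coincide (slide 21 in the formal model). The expression grammar, the `####` box marker, the key names and the document are assumptions of this example.

```python
# Constructed example (not from the slides or the paper). Expressions are nested tuples
# (grammar assumed here):
#   ("key", k) | ("share", k, i, n) | ("data", text) | ("enc", k, expr) | ("node", tag, [expr, ...])
# ("enc", k, e) is e encrypted under key k; ("share", k, i, n) is share i of n of key k.

def recoverable_keys(expr, keys):
    """Slide 41: a key is recoverable if it occurs in the clear, if all n of its shares are
    recoverable, or if it is encrypted under a recoverable key. Computed as a fixed point."""
    known = set(keys)
    while True:
        found_keys, found_shares = set(), {}
        _collect(expr, known, found_keys, found_shares)
        complete = {k for k, (got, n) in found_shares.items() if len(got) == n}
        new = (found_keys | complete) - known
        if not new:
            return known
        known |= new

def _collect(expr, known, keys_out, shares_out):
    """Walk the parts of `expr` readable with `known`, collecting keys and shares in the clear."""
    op = expr[0]
    if op == "key":
        keys_out.add(expr[1])
    elif op == "share":
        shares_out.setdefault(expr[1], (set(), expr[3]))[0].add(expr[2])
    elif op == "enc":
        if expr[1] in known:
            _collect(expr[2], known, keys_out, shares_out)
    elif op == "node":
        for child in expr[2]:
            _collect(child, known, keys_out, shares_out)
    # ("data", ...) carries no key material

def pattern(expr, keys):
    """Slides 46-47: what an expression reveals to a holder of `keys`. Decryptable
    ciphertexts are opened; undecryptable ones collapse to an opaque box."""
    return _pattern(expr, recoverable_keys(expr, keys))

def _pattern(expr, known):
    op = expr[0]
    if op == "enc":
        return ("enc", expr[1], _pattern(expr[2], known)) if expr[1] in known else ("box",)
    if op == "node":
        return ("node", expr[1], [_pattern(c, known) for c in expr[2]])
    return expr

def render(pat):
    """Show a pattern in the style of the slides: ciphertext the viewer cannot open is ####."""
    op = pat[0]
    if op == "box":
        return "####"
    if op == "node":
        return f"<{pat[1]}>" + "".join(render(c) for c in pat[2]) + f"</{pat[1]}>"
    if op == "enc":
        return render(pat[2])
    if op == "data":
        return pat[1]
    if op == "key":
        return f"[key {pat[1]}]"
    return f"[share {pat[2]} of {pat[1]}]"

def indistinguishable(e0, e1, keys):
    """Slide 21 in the formal model: two expressions look the same to a holder of `keys`
    exactly when their patterns coincide."""
    return pattern(e0, keys) == pattern(e1, keys)

def make_doc(admin_text):
    """Constructed partially encrypted hospital document. The administrative node is guarded
    by k_adm2, a fresh key split into two shares released under k_phys and k_admin
    (the normalized form of 'physician AND admin'); the nurse subtree is under k_nurse."""
    return ("node", "hospital", [
        ("enc", "k_phys", ("share", "k_adm2", 0, 2)),
        ("enc", "k_admin", ("share", "k_adm2", 1, 2)),
        ("enc", "k_phys", ("node", "physician", [
            ("enc", "k_adm2", ("node", "administrative", [("data", admin_text)]))])),
        ("enc", "k_nurse", ("node", "nurse", [("node", "patientID", [("data", "4711")])])),
    ])

if __name__ == "__main__":
    doc = make_doc("on-call roster A")
    for holder in ({"k_nurse"}, {"k_phys"}, {"k_phys", "k_admin"}):
        print(sorted(holder), "->", render(pattern(doc, holder)))
```

A nurse sees only her subtree and three boxes; a physician alone recovers one share of `k_adm2` but not the key, so the administrative node stays boxed; physician and admin keys together complete the shares and open it. Two documents differing only in the administrative text therefore have equal patterns for the nurse and different patterns for the physician-plus-admin holder.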
