ABSTRACT
XML [15] has become a standard format for information that moves within the World Wide Web. Previous work in securing XML documents concentrated mainly on textual documents. Those proposals are ineffective in the context of multimedia, which mostly comprises of some sensible combination of images, text, audio, and video. As multimedia constitutes a significant component of the traffic within the Internet, it requires to be secured. We propose an access control model and an encryption mechanism that enforces access control and maintains integrity of multimedia by using the Synchronized Multimedia Integration Language (SMIL)[1], thereby preventing illegal or malicious unauthorized access or modifications to the media documents in transition. We show its utility in safeguarding pay-per-view movies and multi-level secure coalitions observing unfolding scenarios.
- J.Ayers et al. "Synchronized Multimedia Integration Language (SMIL 2.0)". World Wide Web Consortium (W3C). http://www.w3.org/TR/smil20/ (August 2001).]]Google Scholar
- E. Bertino, B. Carminati, E. Ferrari. "XML Security" in Information Security Technical Report, Vol 6, No 2(2001) Pages 44--58.]]Google Scholar
- A. Gabillon, E. Bruno. Regulating Access to XML documents. in Proc. IFIP WG11.3 Working Conference on Database Security, Niagara on the Lake, Ontario, Canada, July 15--18, 2001.]] Google ScholarDigital Library
- E. Bertino, S. Casatano, E. Ferrari "Securing XML Documents with Author-X" in IEEE Internet Computing, vol 5,no3 May/June 2001]] Google ScholarDigital Library
- E. Bertino, M. Braun, S. Castano, E. Ferrari, M. Mesiti. "AuthorX: A Java-Based System for XML Data Protection". In Proc. of the 14th Annual IFIP WG 11.3 Working Conference on Database Security, Schoorl, The Netherlands, August 2000]] Google ScholarDigital Library
- E. Bertino, S. Castano, E. Ferrari and M. Mesiti. "Specifying and Enforcing Access Control Policies for XML Document Sources". World Wide Web Journal, vol. 3, n. 3, Baltzer Science Publishers.]] Google ScholarDigital Library
- Dan Boneh, Matthew Franklin "An Efficient Public Key Traitor Tracing Scheme" in Eurocrypt 99.]] Google ScholarDigital Library
- Amos Fiat, Tamir Tassa "Dynamic Traitor Tracing" Pages 211--223 The Journal of Cryptography, April 2001.]]Google Scholar
- E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, "Securing XML Documents," in Proc. of the 2000 International Conference on Extending Database Technology (EDBT2000), Konstanz, Germany, March 27--31, 2000.]] Google ScholarDigital Library
- E. Damiani, S. De Capitani di Vimercati, E. Fernandez-Medina, P. Samarati "An Access Control System for SVG Documents" in Proc. IFIP WG11.3 Working Conference on Database Security, King's College, and Cambridge, England]]Google Scholar
- E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, "Controlling Access to XML Documents," in IEEE Internet Computing, vol. 5, n. 6, November/December 2001, pp. 18--28.]] Google ScholarDigital Library
- E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati "XML Access Control Systems: A Component-Based Approach" in Proc. IFIP WG11.3 Working Conference on Database Security, Schoorl, The Netherlands, August 21--23, 2000.]] Google ScholarDigital Library
- J. Clark et al. "XML Path Language (XPath) Version 1.0". World Wide Web Consortium (W3C). http://www.w3c.org/TR/xpath (November 1999).]]Google Scholar
- J. Clark et al. "XSL Transformations (XSLT) Version 1.0". World Wide Web Consortium (W3C). http://www.w3c.org/TR/xslt (November 1999).]]Google Scholar
- T. Bray et al. "Extensible Markup Language (XML) 1.0". World Wide Web Consortium (W3C). http://www.w3c.org/TR/REC-xml (October 2000).]]Google Scholar
- A.G. Stoica and Csilla Farkas. "Secure XML Views" in Proc. IFIP WG11.3 Working Conference on Database Security, King's College, Cambridge, England.]]Google Scholar
- Michiharu Kudo and Satoshi Hada, "XML Document Security based on Provisional Authorization", 7th ACM Conference on Computer and Communication Security, pages 87--96, Nov. 2000]] Google ScholarDigital Library
- ContentGaurd " eXtensible rights Markup Language(XrML)" http://www.xrml.org]]Google Scholar
Index Terms
- Regulating access to SMIL formatted pay-per-view movies
Recommendations
Applying hierarchical and role-based access control to XML documents
SWS '04: Proceedings of the 2004 workshop on Secure web serviceW3C Recommendations XML Encryption and XML-Digital Signature can be used to protect the confidentiality of and provide assurances about the integrity of XML documents transmitted over an insecure medium. The focus of this paper is how to control access ...
Filtering XPath expressions for XML access control
XPath is a standard for specifying parts of XML documents and a suitable language for both query processing and access control of XML. In this paper, we use the XPath expression for representing user queries and access control for XML. And we propose an ...
Design of access control system for telemedicine secure XML documents
XML can supply the standard data type in information exchange format on a lot of data generated in running database or applied programs for a company by using the advantage that it can describe meaningful information directly. Accordingly since there ...
Comments