Selective and authentic third-party distribution of XML documents

Bertino, Elisa; Carminati, Barbara; Ferrari, Elena; Thuraisingham, Bhavani; Gupta, Amar

doi:10.1109/tkde.2004.63

Cited by 112 publications

(57 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Secure content based pub/sub systems: Privacy and confidentiality issues in pub/sub systems have long been identified [28], but little progress has been made to address these issues in a holistic manner. Most of prior work on data confidentiality techniques in the context of content based pub/sub systems is based on the assumption that brokers are trusted with respect to the privacy of the subscriptions by subscribers [2,27,16]. However, when such an assumption does not hold, both publication confidentiality and subscription privacy are at risk.…”

Section: Results Discussionmentioning

confidence: 99%

Privacy Preserving Context Aware Publish Subscribe Systems

Nabeel

Appel

Bertino

et al. 2013

Network and System Security

View full text Add to dashboard Cite

Abstract. Publish/subscribe (pub/sub) systems support highly scalable, manyto-many communications among loosely coupled publishers and subscribers. Modern pub/sub systems perform message routing based on the message content and allow subscribers to receive messages related to their subscriptions and the current context. However, both content and context encode sensitive information which should be protected from third-party brokers that make routing decisions. In this work, we address this issue by proposing an approach for constructing a privacy preserving context-based pub/sub system. In particular, our approach assures the confidentiality of the messages being published and subscriptions being issued while allowing the brokers to make routing decisions without decrypting individual messages and subscriptions, and without learning the context. Further, subscribers with a frequently changing context such as location are able to issue and update subscriptions without revealing the subscriptions in plaintext to the broker and without the need to contact a trusted third party for each subscription change resulting from a change in the context. Our approach is based on a modified version of the Paillier additive homomorphic cryptosystem and a recent expressive group key management scheme. The former construct is used to perform privacy preserving matching and covering, and the latter construct is used to enforce fine-grained encryption based access control on the messages being published. We optimize our approach in order to efficiently handle frequently changing contexts. We have implemented our approach in a prototype using an industry strength JMS broker middleware. The experimental results show that our approach is highly practical.

show abstract

Section: Results Discussionmentioning

confidence: 99%

Privacy Preserving Context Aware Publish Subscribe Systems

Nabeel

Appel

Bertino

et al. 2013

Network and System Security

View full text Add to dashboard Cite

show abstract

“…The first methods on authentication of outsourced databases belong to the first category and build upon the MHT (e.g. [8,20,2]). [13] proposed the most complete and efficient MHT-based method to date, called Embedded Merkle B-tree (EMB-tree).…”

Section: Related Workmentioning

confidence: 99%

“…With the chain-MHT, the VO for a query result contains the signature of every query term's inverted list 2 . When the query processing algorithm terminates, all the processed document identifiers in the inverted lists of the query terms are also added to the VO.…”

Section: Authentication With Chain Merkle Hash Treesmentioning

confidence: 99%

Authenticating the query results of text search engines

Pang

Mouratidis

2008

Proc. VLDB Endow.

View full text Add to dashboard Cite

The number of successful attacks on the Internet shows that it is very difficult to guarantee the security of online search engines. A breached server that is not detected in time may return incorrect results to the users. To prevent that, we introduce a methodology for generating an integrity proof for each search result. Our solution is targeted at search engines that perform similarity-based document retrieval, and utilize an inverted list implementation (as most search engines do). We formulate the properties that define a correct result, map the task of processing a text search query to adaptations of existing threshold-based algorithms, and devise an authentication scheme for checking the validity of a result. Finally, we confirm the efficiency and practicality of our solution through an empirical evaluation with real documents and benchmark queries.

show abstract

“…Devanbu, et al described authentication for queries on XML document collections in [5]. Bertino, et al focus in detail on XML documents in [3] and leverage access control mechanisms as a means of providing client proofs of completeness. They also expand supported query types and provide a detailed investigation of XML authentication issues including updates, and address important implementation issues.…”

Section: Related Workmentioning

confidence: 99%

Verified Query Results from Hybrid Authentication Trees

Nuckolls

2005

Data and Applications Security XIX

View full text Add to dashboard Cite

Abstract. We address the problem of verifying the accuracy of query results provided by an untrusted third party Publisher on behalf of a trusted data Owner. We propose a flexible database verification structure, the Hybrid Authentication Tree (HAT), based on fast cryptographic hashing and careful use of a more expensive one-way accumulator. This eliminates the dependence on tree height of earlier Merkle tree based proposals and improves on the VB tree, a recent proposal to reduce proof sizes, by eliminating a trust assumption and reliance on signatures. An evaluation of the Hybrid Authentication Tree against the VB tree and Authentic Publication showing that a HAT provides the smallest proofs and faster verification than the VB tree. With moderate bandwidth limitations, the HATs low proof overhead reduces transfer time to significantly outweigh the faster verification time of Authentic Publication. A HAT supports two verification modes that can vary per query and per Client to match Client resources and applications. This flexibility allows the HAT to match the best performance of both hash based and accumulator based methods.

show abstract

Selective and authentic third-party distribution of XML documents

Cited by 112 publications

References 13 publications

Privacy Preserving Context Aware Publish Subscribe Systems

Privacy Preserving Context Aware Publish Subscribe Systems

Authenticating the query results of text search engines

Verified Query Results from Hybrid Authentication Trees

Contact Info

Product

Resources

About