Selective and Authentic Third-Party distribution of XML Documents - Yashaswini Harsha Kumar - Netaji Mandava (Oct 16 th 2006)
Page 1: Selective and Authentic Third-Party distribution of XML Documents - Yashaswini Harsha Kumar - Netaji Mandava (Oct 16 th 2006)

Selective and Authentic Third-Party distribution of XML Documents

- Yashaswini Harsha Kumar

- Netaji Mandava

(Oct 16th 2006)

Page 2:

Contents
- Terminology
- Security Properties
- XML Overview
- Merkle Hash function
- Access Control Model
- Architecture
- Actor Interactions
- References

Page 3:

Terminology

Owner: Producer of information.

Publisher: Manages the owner information and answers subject queries.

Subject: A person who produces queries for documents.

Merkle Hash Trees: A Merkle hash tree is a tree of hashes in which the leaves are hashes of data blocks in, for instance, a file or set of files. Nodes further up in the tree are the hashes of their respective children. For example, in the picture to the right, hash 0 is the result of hashing hash 0-0 and then hash 0-1. That is, hash 0 = hash( hash 0-0 | hash 0-1 ).

Page 4:

Security properties

Document Source Authenticity: The subject receiving a document is assured that the contents of the document originated at the claimed source.

Document Contents Authenticity: The integrity of the document received by a subject with respect to the original document is respected.

Completeness of Response: A subject must be able to verify that he or she has received all the document(s) (or portion(s) of document(s)) that he or she is entitled to access, according to the stated access control policies.

Page 5:

XML revisited… (1)

- Nested and tagged XML elements.
- Attributes.
- Label: Set of element tags and attribute names.
- Value: A set of attribute/element values.

Page 6:

XML revisited… (2)

Is an XML document a tuple?

Page 7:

XML revisited… (3)

Page 8:

XML revisited… (4)

Edges: element – attribute, element – sub element

Link Edges: Links between elements (IDREF).

Page 9:

Merkle Hash function

- Ensures authenticity of the document as well as the schema.
- Associate a hash value with each node in the graph representation of the XML document.
- The hash value of a node is obtained by applying a hash function over the concatenation of its children.
- The hash values are computed using the Merkle Hash Function.

Page 10:

Merkle Hash Function (Mh)

Page 11:

MhXd…

Collision Resistant Hash function (CRHF): hash() is a CRHF if it is hard to find two different messages m1 and m2 such that hash(m1) = hash(m2).

Codomain of MhXd: the codomain of a function f : X → Y is the set Y.

Hash is a mapping from a domain (usually called keys) into a codomain (usually called values).

Page 12:

Keypoints

- If a subject knows the correct Merkle hash value of a node, the Publisher cannot forge the values of its descendant children.
- The Publisher returns the Merkle hash value of the root of an XML document d, along with the query result.
- The Publisher receives the hash value of the root from the Owner.
- The Merkle hash value of the root of the document is critical; therefore, it is signed by the Owner (known as the Merkle Signature) and is verified by the subject.

(Please refer to the paper for details on generating the Merkle Signature.)

Page 13:

Access Control Model for XML Documents (1)

Subjects are qualified by means of credentials. A credential is a set of properties concerning a subject that are relevant for security purposes (for example, age, position within an organization).

Credentials are encoded using an XML-based language, called X-Sec.

Access control policies specify conditions on the credentials and properties of the credentials, using an XPath-compliant language.

Page 14:

Access Control Model (2)

The access control model provides varying access granularity levels and can express policies that apply to:

1) all the instances of a DTD/XML Schema
2) collections of documents not necessarily instances of the same DTD/XML Schema
3) selected portions within a document(s), or a link (or a set of links).

Page 15:

Access Control Model (3)

Access control policies are encoded using X-Sec.

Policy Base: The XML file encoding the access control policies of the Owner.

Page 16:

System Architecture (1)

Page 17:

Architecture (2)

Relies on the distinction between the Owner and the Publisher.

The Owner
- specifies the access control policies.
- sends the Publisher the documents he is entitled to manage, along with information on which subjects can access which portions of the document according to the access control policies it has specified.
- sends the Publisher the Merkle Signature of the document (optional).
- The above additional information is encoded in XML and attached to the original document, forming the so-called security enhanced XML document.
- The structure of the original XML document is also supplied by the Owner in the form of an XML document called secure structure.

Page 18:

Architecture (3)

The Subject
- Registers with the Owner during the mandatory subscription phase.
- Receives the subject policy configuration from the Owner in a secure manner.
- Submits queries to the Publisher (along with its policy configuration).
- Receives a view of the requested document(s).
- Verifies the answer (for authenticity and completeness).

Page 19:

Architecture (4)

The Publisher
- Receives documents, access control policies, secure structure and optional Merkle Signature from the Owner.
- On receiving a query from a Subject, the Publisher computes a view of the requested document(s) which contains all and only those portions of the requested document(s) for which the subject has an authorization according to the access control policies in place at the Owner site.
- Responds to the Subject's query with a Reply Document (view + hash values computed over parts of the document not contained in the view).

Page 20:

Subject – Owner Interaction (1)

Page 21:

Subject – Owner Interactions (2)

• Policies P1 and P2 apply to Alice Brown.

• Only policy P6 applies to Tom Moore.

• Thus, the policy configuration of Alice Brown and Tom Moore are, respectively, the signatures of the identifiers 1, 2, and 6 with the Owner’s private key.

Page 22:

Owner – Publisher Interaction (1)

Security Enhanced XML Document: Which access control policies apply to the corresponding document?

- Policy information is specified at the element level.

- Policy Configuration (PC) is an additional attribute of the corresponding element whose value is the 'set' of policies that apply to the element. It is represented as a string of hexadecimal values. PC should not be confused with Subject Policy Configuration. Each policy in the set is identified by a policy identifier unique to the Policy base.

- The element 'Policy' in the security enhanced XML document contains the identifiers of all policies.

(Refer to the paper for the formal definition of the Security Enhanced XML Document.)
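An added illustration (not code from the slides or the paper) of the PC attribute as a hex-encoded bitmap with one bit per policy in the policy base, which is why the storage slide later counts Np/4 characters per element. The mapping of bit (i-1) to policy identifier i, and the rule that a subject may see an element when at least one of the element's policies is in the subject's configuration, are assumptions of this example.

```python
import math

def encode_pc(policy_ids, num_policies):
    """Encode the set of policy identifiers (1..num_policies) that apply to an
    element as a hex string: one bit per policy in the policy base, so the string
    has ceil(num_policies / 4) characters (the Np/4 of the storage analysis).
    Assumption: bit (i - 1) of the bitmap stands for policy identifier i."""
    if any(p < 1 or p > num_policies for p in policy_ids):
        raise ValueError("policy identifier not in the policy base")
    bits = 0
    for p in policy_ids:
        bits |= 1 << (p - 1)
    return format(bits, f"0{math.ceil(num_policies / 4)}x")

def decode_pc(pc_hex, num_policies):
    """Inverse of encode_pc: recover the set of policy identifiers, rejecting a
    PC that names a policy outside the policy base."""
    bits = int(pc_hex, 16)
    if bits >> num_policies:
        raise ValueError("PC refers to a policy outside the policy base")
    return {i for i in range(1, num_policies + 1) if (bits >> (i - 1)) & 1}

def authorized(element_pc_hex, subject_policy_ids, num_policies):
    """Publisher-side check (assumed rule): the subject may see the element if at
    least one policy in the element's PC is in the subject's policy configuration."""
    subject_bits = int(encode_pc(subject_policy_ids, num_policies), 16)
    return (int(element_pc_hex, 16) & subject_bits) != 0

if __name__ == "__main__":
    # Constructed policy base of 8 policies; Alice holds policies 1 and 2,
    # Tom holds policy 6, as on the Subject - Owner interaction slide.
    pc = encode_pc({2, 5}, 8)                 # "12": bits 1 and 4 set
    print(pc, decode_pc(pc, 8))
    print(authorized(pc, [1, 2], 8), authorized(pc, [6], 8))
```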

Page 23:

Owner – Publisher Interaction (2)

Secure Structure: The secure structure of the XML document is generated by hashing, with a standard hash function, each tag and attribute name.

Page 24:

Subject – Publisher Interaction (1)

- Subject 's' submits a query + his/her policy specification to a Publisher.
- The Publisher determines the set of nodes that need to be returned to 's'.
- The Publisher also computes the additional information required by 's' for authentication and completeness verification.
- The set of nodes and additional information are organized into an XML document called Reply Document.

Page 25:

Subject – Publisher Interaction (2)

Reply Document

s : Subject

q : query from Subject 's'

PC(s) : Policy Configuration for Subject 's'

View() : is a function

Input : q and PC(s)

Output : well formed XML document with answer nodes for which 's' has necessary authorization.

(Refer to the paper for the formal definition of the Reply Document.)

Page 26:

Subject – Publisher Interaction (3)

Relative Merkle Hash Path:

Page 27:

Reply Document Generation (3)

Evaluate() : takes as input a query 'q' submitted on document 'd', and returns a well-formed XML document 'r' containing all and only the nodes satisfying 'q'.

ReBuild() : takes as input the obtained set of nodes and transforms them into a well-formed XML document.

(Please refer to the paper for the algorithm.)

Page 28:

Reply Document Generation (2)

- Function Evaluate() returns a well formed XML document 'r' containing all nodes satisfying 'q'.
- Determine the access control policies that apply to each node in 'r'.
- Remove nodes that 's' is not authorized to access.
- Replace all attributes in 'r' with an AttributeElement element.
- An additional attribute called MPath is inserted in each node to be returned.
- Insert the Merkle signature of document 'd'.
- Rebuild 'r'.

Page 29:

Subject Verification

Upon receiving a reply document and a secure structure, the Subject can verify the authenticity and the completeness of the corresponding query answer.
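A worked example added here (not the slides' or the paper's code) that ties together the Merkle hash function of slides 9 to 12, the reply document generation of slide 28 and the subject verification on this slide: the Publisher prunes the subtrees the subject may not see, leaving only their Merkle hashes, and the subject recomputes the root from the view plus those hashes and compares it with the root value covered by the Owner's Merkle signature. Assumed details: the concatenation order inside the hash, a <Hidden mh=.../> placeholder standing in for the paper's MPath information, and the pc bitmap convention; checking the Owner's signature over the root is left out.

```python
import hashlib
import xml.etree.ElementTree as ET

def h(*parts: bytes) -> bytes:
    """SHA-256 over length-prefixed parts, so "ab"+"c" and "a"+"bc" hash differently."""
    m = hashlib.sha256()
    for p in parts:
        m.update(len(p).to_bytes(4, "big") + p)
    return m.digest()

def merkle_hash(node: ET.Element) -> bytes:
    """Merkle hash of a node: hash over its tag, text, attribute hashes and the
    Merkle hashes of its children (this concatenation order is the example's own)."""
    if node.tag == "Hidden":                   # placeholder carrying a precomputed hash
        return bytes.fromhex(node.get("mh"))
    attrs = [h(k.encode(), v.encode()) for k, v in sorted(node.attrib.items())]
    kids = [merkle_hash(c) for c in node]
    return h(node.tag.encode(), (node.text or "").strip().encode(), *attrs, *kids)

def build_reply(node: ET.Element, allowed) -> ET.Element:
    """Publisher side: copy the authorized part of the document; every subtree the
    subject may not see is replaced by <Hidden mh=.../> holding its Merkle hash."""
    out = ET.Element(node.tag, dict(node.attrib))
    out.text = node.text
    for child in node:
        if allowed(child):
            out.append(build_reply(child, allowed))
        else:
            ET.SubElement(out, "Hidden", mh=merkle_hash(child).hex())
    return out

def verify(reply: ET.Element, trusted_root: bytes) -> bool:
    """Subject side: recompute the root from the view plus the hashes of the hidden
    parts and compare it with the root value the Owner signed."""
    return merkle_hash(reply) == trusted_root

# Constructed sample document: pc is the element's policy configuration as a hex
# bitmap (bit i-1 set <=> policy i applies); elements without pc are public.
DOC = """<Report>
  <Public><Title>Quarterly summary</Title></Public>
  <Internal pc="12"><Salary>10000</Salary></Internal>
  <Board pc="20"><Merger>confidential</Merger></Board>
</Report>"""

def subject_view(doc_xml: str, subject_bits: int):
    """Return (reply document, root hash) for a subject holding the given policies."""
    root = ET.fromstring(doc_xml)
    trusted_root = merkle_hash(root)           # the value the Merkle signature covers
    allowed = lambda e: e.get("pc") is None or int(e.get("pc"), 16) & subject_bits
    return build_reply(root, allowed), trusted_root

def demo():
    alice, tom = 0b000011, 0b100000            # policies {1, 2} and {6}
    reply_a, root = subject_view(DOC, alice)
    visible_a = [c.tag for c in reply_a]
    ok_a = verify(reply_a, root)
    reply_a.find("Internal/Salary").text = "99999"   # Publisher tampers with the view
    tampered = verify(reply_a, root)
    reply_t, _ = subject_view(DOC, tom)
    return visible_a, ok_a, tampered, [c.tag for c in reply_t]

if __name__ == "__main__":
    print(demo())
```

Collapsing a withheld subtree to a single hash keeps the reply small but still reveals how many children were withheld, and the placeholder tag must not collide with a real element name in the schema.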

Page 30:

Authenticable Element

Page 31:

Authentic Element

Page 32:

Completeness Verification

Difficult; greatly depends on the kinds of queries that are submitted to a Publisher.

Types of Queries:
- structure queries
- content-dependent queries

Page 33:

Attack Analysis

- Subject attacks
- Publisher attacks

Page 34:

Performance Issues

- Update management
- Storage complexity of security related information

Page 35:

SE-XML version

One attribute for the Merkle signature, and at most 2Ne attributes representing the PC and PCAttr attributes, respectively.

Let Np be the number of access control policies that apply to document d. The size of the policy configuration of an element e in d is Np/4 characters.

Let Na be the number of attributes associated with an element e; the size of the policy configuration of the attributes of e is Na*(Np/4) characters.

Thus, in the worst case, the size of the original document is increased by Ne*(Np/4 + NAttr*Np/4).

Page 36:

Reply document

$$\mathrm{HashSize} \cdot N_{ce} + \sum_{f \in \mathrm{path}(e)} \mathrm{HashSize} \cdot \bigl(2 + |\mathrm{sib}(f)|\bigr)$$

Page 37:

Related Work

Page 38:

Conclusions

Page 39:

References

- http://open-content.net/specs/draft-jchapweske-thex-02.html#anchor2
- http://en.wikipedia.org/wiki/Cryptographic_hash_function
- http://en.wikipedia.org/wiki/Merkle_tree

Page 40:

Backup Slides

Page 41:

[Architecture diagram: Owner (XML Source, policy base, credential base), Publisher and User/Subject; labelled flows: credentials, SE-XML, Query, Reply document]