Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: ACM Conference on Computer and Communications Security, 2001
Guest editors: Sabrina De Capitani di Vimercati
Article type: Research Article
Authors: Devanbu, Premkumara; * | Gertz, Michaela | Kwong, Aprila | Martel, Charlesa | Nuckolls, Glena | Stubblebine, Stuart G.b
Affiliations: [a] Department of Computer Science, University of California, Davis, CA 95616, USA. E-mail: devanbu@cs.ucdavis.edu; gertz@cs.ucdavis.edu; kwonga@cs.ucdavis.edu; martel@cs.ucdavis.edu; nuckolls@cs.ucdavis.edu | [b] Stubblebine Consulting, LLC, 8 Wayne Blvd, Madison, NJ 07940, USA. E-mail: stuart@stubblebine.com
Correspondence: [*] Corresponding author.
Abstract: XML is increasingly becoming the format of choice for information exchange on the Internet. As this trend grows, one can expect that documents (or collections thereof) may get quite large, and clients may wish to query for specific segments of these documents. In critical areas such as healthcare, law and finance, integrity is essential. In such applications, clients must be assured that they are getting complete and correct answers to their queries. Existing methods for signing XML documents cannot be used to establish that an answer to a query is complete. A simple approach has a server processing queries and certifying answers by digitally signing them with an on-line private key; however, the server, and its on-line private key, would be vulnerable to external hacking and insider attacks. We propose a new approach to signing XML documents which allows untrusted servers to answer certain types of path queries and selection queries over XML documents without the need for trusted on-line signing keys. This approach enhances both the security and scalability of publishing information in XML format over the Internet. In addition, it provides greater flexibility in authenticating parts of XML documents, in response to commercial or security policy considerations.
DOI: 10.3233/JCS-2004-12602
Journal: Journal of Computer Security, vol. 12, no. 6, pp. 841-864, 2004
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl