A Structure Preserving Approach for Securing XML Documents

With the widespread adoption of XML as the message format to disseminate content over distributed systems including Web Services and Publish-Subscribe systems, different methods have been proposed for securing messages. We focus on a subset of such systems where incremental updates are disseminated. The goal of this paper is to develop an approach for disseminating only the updated or accessible portions of XML content while assuring confidentiality and integrity at message level. While sending only the updates greatly reduces the bandwidth requirements, it introduces the challenge of assuring security efficiently for partial messages disseminated to intermediaries and clients. We propose a novel localized encoding scheme based on conventional cryptographic functions to enforce security for confidentiality and content integrity at the granularity of XML node level. We also address structural integrity with respect to the complete XML document to which clients have access. Our solution takes every possible measure to minimize indirect information leakage by making the rest of the structure of XML documents to which intermediaries and clients do not have access oblivious. The experimental results show that our scheme is superior to conventional techniques of securing XML documents when the percentage of update with respect to original documents is low.