2nd International ICST Workshop on Trusted Collaboration

Research Article

A Structure Preserving Approach for Securing XML Documents

  • @INPROCEEDINGS{10.1109/COLCOM.2007.4553802,
        author={Mohamed Nabeel and Elisa Bertino},
        title={A Structure Preserving Approach for Securing XML Documents},
        proceedings={2nd International ICST Workshop on Trusted Collaboration},
        keywords={Bandwidth  Computer science  Cryptography  Data security  Encoding  Information security  Publish-subscribe  Scalability  Web services  XML},
  • Mohamed Nabeel
    Elisa Bertino
    Year: 2008
    A Structure Preserving Approach for Securing XML Documents
    DOI: 10.1109/COLCOM.2007.4553802
Mohamed Nabeel1,*, Elisa Bertino1,*
  • 1: Department of Computer Science, Purdue University, West Lafayette, Indiana 47907
*Contact email: nabeel@cs.purdue.edu, bertinol@cs.purdue.edu


With the widespread adoption of XML as the message format to disseminate content over distributed systems including Web Services and Publish-Subscribe systems, different methods have been proposed for securing messages. We focus on a subset of such systems where incremental updates are disseminated. The goal of this paper is to develop an approach for disseminating only the updated or accessible portions of XML content while assuring confidentiality and integrity at message level. While sending only the updates greatly reduces the bandwidth requirements, it introduces the challenge of assuring security efficiently for partial messages disseminated to intermediaries and clients. We propose a novel localized encoding scheme based on conventional cryptographic functions to enforce security for confidentiality and content integrity at the granularity of XML node level. We also address structural integrity with respect to the complete XML document to which clients have access. Our solution takes every possible measure to minimize indirect information leakage by making the rest of the structure of XML documents to which intermediaries and clients do not have access oblivious. The experimental results show that our scheme is superior to conventional techniques of securing XML documents when the percentage of update with respect to original documents is low.