Secure outsourcing of XML data (PowerPoint presentation, 71 slides; transcript and presenter's notes)
Provided by: utda2, http://www.utdallas.edu

1
Secure outs of XML data
  • Barbara Carminati
  • University of Insubria at Varese
  • barbara.carminati@uninsubria.it
  • http://www.dicom.uninsubria.it/~barbara.carminati

2
Software as a Service
  • Get what you need, when you need it
  • Pay for what you use
  • Don't worry about
    • Deployment, installation, maintenance, upgrades
    • Hiring/training/retaining people

3
Emerging trend: data outsourcing
  • Database as a Service (DBaaS), why?
  • Most organizations need efficient data management
  • DBMSs are extremely complex to deploy, setup, and
    maintain
  • Require skilled DBAs (at very high cost!)
  • Driven by faster, cheaper, and more accessible
    networks

4
Traditional architecture
[Figure: clients interact directly with the data owner.]
5
Third-party architecture
[Figure: the Data owner hands its Data to a Data Provider, which holds the Outsourced db; clients send Queries to the provider over the Internet and get Results back from it.]
6
Research issues
  • Distributed query management
  • Consistency
  • Security & Privacy
  • Main requirements: confidentiality, integrity, authenticity, completeness, etc.

7
Security & Privacy
  • Naïve solution
  • Data providers are trusted: they always operate according to the owner's security and privacy policies

8
Security & Privacy
  • To be satisfied even in the presence of an untrusted provider that
    • Can modify/delete the data
    • Can access sensitive/private information
    • Can send data to unauthorized users
    • Can withhold from a user part of the information he/she is authorized to access
    • Can be attacked from outside
  • To be satisfied while incurring minimal computation and bandwidth overhead

9
Main requirements
  • Confidentiality
  • Authenticity/integrity
  • Completeness

10
Confidentiality
  • Confidentiality
  • Data are disclosed only to authorized users
  • Usually, confidentiality requirements are
    expressed through a set of access control policies

11
Access control
[Figure: an access request is evaluated by a Reference Monitor against the stored Authorizations.]
12
Confidentiality
  • When data are outsourced, confidentiality has a twofold meaning
    • Confidentiality wrt users: protect data against read accesses by unauthorized users
    • Confidentiality wrt providers: protect the Owner's data from read accesses by untrusted providers

13
Integrity
  • It refers to protecting information from modifications
  • It involves several goals
    • Assuring the integrity of information with respect to the original information, often referred to as authenticity
    • Protecting information from unauthorized modifications

14
Integrity/authenticity
  • Usually enforced through signature techniques
  • When data are outsourced
  • Traditional signature techniques are not enough
  • A user can be returned only selected portions of
    the data signed by the owner

15
Completeness
  • It refers to ensuring that users receive all the information they are entitled to access, according to the owner's policies

16
Secure outsourcing of XML data
  • our proposal

17
Scenario
  • We focus on XML
  • The Owner is the producer of information. It specifies access control policies
  • The Provider is responsible for managing (a portion of) the Owner's information and answering user queries according to the access control policies specified by the Owner

[Figure: the Owner (XML Source, Credential base, Policy Base) sends XML docs to the Provider.]
18
Scenario
  • We focus on XML data
  • The Owner specifies access control policies according to an access control model supporting
    • Fine-grained and credential-based access control
    • An XML-based language to express access control policies and credentials (X-Sec)

19
Example
  • X-Sec Alice Credential
  • Access Control Policy (encoded in the X-Sec language)

<x_profile>
  <secretary level='7'>
    <name>Alice Rossi</name>
    <department>marketing</department>
    <type>administrative</type>
    <email>arossi@myorganization.com</email>
  </secretary>
</x_profile>
20
Example
Alice submits this XPath: //organization/department/employee[@level>4]

<?xml version="1.0" encoding="UTF-8"?>
<Organization>
  <department dept="Marketing">
    <employee><name>Alice Rossi</name><salary>80K</salary><level>7</level></employee>
    <employee><name>Bob Red</name><salary>50K</salary><level>5</level></employee>
    <employee><name>Tom Black</name><salary>170K</salary><level>12</level></employee>
  </department>
  <department dept="HR">
    <employee><name>Kim</name><salary>150K</salary><level>11</level></employee>
    <employee><name>Ann</name><salary>80K</salary><level>7</level></employee>
  </department>
</Organization>

The access control policy authorizes Alice to see department[@dept='Marketing']/employee[@level<10].
[Figure: three employees that the query matches but the policy does not cover are marked "denied": Tom Black (level 12) and the two HR employees, Kim and Ann. Only Alice Rossi and Bob Red satisfy both the query and the policy.]
21
Problem
  • Strategies for ensuring confidentiality, authenticity and completeness
  • even if the provider is not trusted

[Figure: the Owner (XML Source, Credential base, Policy Base) distributes XML docs to Provider 1, Provider 2, Provider 3 and Provider 4, one of which is marked "Untrusted".]
22
Proposed solution: overall idea
  • The owner outsources to providers a Security
    Enhanced Encryption of the original XML docs,
    where
  • Authenticity and integrity are enforced by an
    alternative digital signature devised for XML
    docs, i.e., Merkle Signature
  • Confidentiality is ensured by the properties of
    Well formed encryption
  • It contains security information, that makes the
    providers able to evaluate queries.
  • Moreover, the owner provides users with auxiliary
    data structures (i.e., Query templates), that
    make them able to submit queries directly to
    providers and verify the obtained query results

23
Owner-side processing
[Figure, the owner-side pipeline: XML document → Merkle Signature → Well-formed encryption (keys K1, …, Kj, …, Km, Kp) → Security Information (partitioning information, authenticity information) → SE-ENC document → Removal of encrypted content → Query Template.]
24
System architecture
[Figure: the Owner gives each User its credentials and decryption keys, and gives the providers the SE-ENC document.]
25
System architecture
[Figure: the User also receives the Query Template from the Owner, submits an XML query to the provider holding the SE-ENC document, and receives a Reply Document.]
26
  • Confidentiality enforcement

27
Confidentiality issues
  • Secure data outsourcing implies two different
    confidentiality issues
  • Confidentiality with respect to users
  • Confidentiality with respect to providers

28
Confidentiality
  • Problem: providers must be able to evaluate queries and enforce access control policies on XML documents, while at the same time respecting the confidentiality requirements
  • Solution: based on encryption techniques

29
Well Formed Encryption
  • The idea is that before sending a document to a
    provider, the owner encrypts it
  • Well formed encryption
  • The approach is based on encrypting all document
    portions to which the same set of access
    control policies apply with the same key

30
Well-Formed Encryption
[Figure: a document tree of 16 nodes, each labelled with the set of policies that applies to it: P2 on the root (node 1); P1,P3 on most internal nodes; P3 alone on a few nodes; some nodes carry no label.]
31
Well-Formed Encryption
[Figure, same tree: the root, the only node with policy set {P2}, is encrypted with key K1.]
32
Well-Formed Encryption
[Figure, same tree: the nodes with policy set {P1,P3} are encrypted with key K2.]
33
Well-Formed Encryption
[Figure, same tree: the nodes with policy set {P3} are encrypted with key K3.]
34
Well-Formed Encryption
[Figure, same tree: the remaining nodes are encrypted with key Kd.]
35
Well-Formed Encryption
[Figure, same tree, with the resulting policy-to-key table: P1 → K2; P2 → K1; P3 → K2, K3. A policy maps to the key of every group of nodes it applies to, so a user satisfying P3 needs both K2 and K3.]
36
Well Formed Encryption Key management
  • The owner does not supply any key to providers
  • Keys are properly stored by the owner into the
    user entries in the directory server.
  • Each user entry contains the key(s) corresponding
    to access control policies satisfied by the
    user
  • Hierarchical key management scheme that minimizes
    the number of keys to be permanently stored

37
Well Formed Encryption: pros
  • Each node of the resulting encrypted document is accessible only by authorized users
  • It prevents provider accesses to the managed data
  • Well-formed encryption ensures confidentiality both wrt users and wrt providers

38
Well Formed Encryption cons
  • Issue
  • How can the Provider evaluate queries on XML
    encrypted data?

39
Querying XML encrypted data
  • Querying encrypted documents is a difficult issue and greatly depends on the kinds of queries that are submitted to providers.
  • In our scenario, we assume users submit XPath expressions

40
Querying XML encrypted data
  • XPath expressions
    • Queries that impose conditions only on the structure of the XML document (structure queries)
    • Queries that impose conditions also on data content (content-dependent queries)

42
Well Formed Encryption
  • Well-formed encryption is encoded by an XML document preserving the structure of the original XML document

[Figure: the original tree (root tg1; children tg2, tg2; grandchildren tg3, tg3; an attribute Att) beside its encryption: Enc(tg1,K1); Enc(tg2,K2), Enc(tg2,K2); Enc(tg3,K1), Enc(tg3,K3); Enc(Att,K1), Enc(Att,K3). The same tag or attribute name (tg3, Att) is encrypted under different keys where its instances fall under different policy sets.]
43
Well Formed Encryption
  • Preserving the original doc structure greatly facilitates the evaluation of structure queries over the encrypted document
  • But it implies some security threats
    • Data dictionary attacks by providers and users
      • At schema level (tag/attribute names)
      • On element data contents/attribute values

44
Well Formed Encryption
  • To prevent data dictionary attacks we adopt the
    encryption scheme proposed by Song, Wagner and
    Perrig for textual data (IEEE Symposium on
    Security and Privacy,2000)
  • Different occurrences of the same word, encrypted
    with the same key, result in different
    encryptions
  • It is possible to perform keyword-based searches
    on the encrypted textual data without knowing
    decryption keys

45
Querying XML encrypted data: structure queries
  • XPath expressions that specify only the location path
  • Ex.: //tag1/tag2/tag3//
  • Since we preserve the structure, the client simply generates the corresponding encrypted query
  • Ex.: //Enc(tag1,K1)/Enc(tag2,K2)/Enc(tag3,K1)//
  • Providers are able to evaluate the encrypted query directly on the encrypted document
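The scheme of slides 29 to 45 end to end, as an added example that is not the authors' code: a constructed document and three constructed policies, one key per set of applicable policies, a structure-preserving encrypted document, an encrypted location path evaluated by a provider that holds no key, and decryption by a user who holds only some of the keys. Everything cryptographic here is a stand-in (an HMAC-SHA256 keystream XOR in place of a real cipher, deterministic tag tokens so the provider can match them, a `kid` attribute naming the key class of each node, a single master secret in place of the hierarchical key scheme of slide 36); the structural logic is the point.

```python
# Well-formed encryption and an encrypted structure query (added illustration).
# Toy cipher (HMAC-SHA256 keystream XOR); use an AEAD such as AES-GCM in practice.
import hashlib
import hmac
import os
import xml.etree.ElementTree as ET

PLAIN_XML = """<Organization><department dept="Marketing">
<employee><name>Alice Rossi</name><salary>80K</salary></employee>
<employee><name>Bob Red</name><salary>50K</salary></employee></department>
<department dept="HR"><employee><name>Kim</name><salary>150K</salary></employee>
</department></Organization>"""   # constructed sample, after slide 20

# Constructed policies as predicates on the element path from the root:
# P1 = Marketing subtree, P2 = HR subtree, P3 = skeleton (root and departments).
POLICIES = {
    "P1": lambda path: len(path) >= 2 and path[1].get("dept") == "Marketing",
    "P2": lambda path: len(path) >= 2 and path[1].get("dept") == "HR",
    "P3": lambda path: len(path) <= 2,
}

def keystream(key, label, n):
    """n bytes of HMAC-SHA256 in counter mode under (key, label)."""
    return b"".join(hmac.new(key, label + i.to_bytes(4, "big"), hashlib.sha256).digest()
                    for i in range((n + 31) // 32))[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def enc_tag(tag, key):             # deterministic: equal tags give equal tokens
    raw = tag.encode()
    return "e" + xor(raw, keystream(key, b"tag", len(raw))).hex()

def dec_tag(token, key):
    raw = bytes.fromhex(token[1:])
    return xor(raw, keystream(key, b"tag", len(raw))).decode()

def enc_text(text, key):           # randomised: equal values differ on the wire
    nonce, raw = os.urandom(8), text.encode()
    return (nonce + xor(raw, keystream(key, b"txt" + nonce, len(raw)))).hex()

def dec_text(hexct, key):
    raw = bytes.fromhex(hexct)
    return xor(raw[8:], keystream(key, b"txt" + raw[:8], len(raw) - 8)).decode()

def class_key(master, cls):        # one key per policy set (no key hierarchy modelled)
    return hmac.new(master, "|".join(sorted(cls)).encode(), hashlib.sha256).digest()

def well_formed_encrypt(root, policies, master):
    """Owner side: same applicable policy set -> same key; structure is preserved.
    The "kid" attribute (an assumption) tells the user which key class a node has."""
    classes = {}                                   # kid -> policy set

    def enc(elem, path):
        cls = frozenset(p for p, pred in policies.items() if pred(path))
        kid = "k_" + "_".join(sorted(cls)) if cls else "k_none"
        classes[kid] = cls
        key = class_key(master, cls)
        out = ET.Element(enc_tag(elem.tag, key), {"kid": kid})
        for name, value in elem.attrib.items():
            out.set(enc_tag(name, key), enc_text(value, key))
        if elem.text and elem.text.strip():
            out.text = enc_text(elem.text.strip(), key)
        for child in elem:
            out.append(enc(child, path + (child,)))
        return out

    return enc(root, (root,)), classes

def encrypt_query(tags, step_keys):
    """User side: //tag1/tag2/... becomes //Enc(tag1,K1)/Enc(tag2,K2)/..."""
    return [enc_tag(t, k) for t, k in zip(tags, step_keys)]

def provider_evaluate(enc_root, enc_path):
    """Provider side: ordinary path evaluation over ciphertext, no key involved."""
    return enc_root.findall(".//" + "/".join(enc_path))

def decrypt_subtree(enc_elem, keys):
    """User side: nodes whose class key the user lacks are left out."""
    key = keys.get(enc_elem.get("kid"))
    if key is None:
        return None
    out = ET.Element(dec_tag(enc_elem.tag, key), {dec_tag(a, key): dec_text(v, key)
                     for a, v in enc_elem.attrib.items() if a != "kid"})
    if enc_elem.text:
        out.text = dec_text(enc_elem.text, key)
    for child in enc_elem:
        dec = decrypt_subtree(child, keys)
        if dec is not None:
            out.append(dec)
    return out

def demo():
    master = b"owner master secret (constructed)"
    enc_root, classes = well_formed_encrypt(ET.fromstring(PLAIN_XML), POLICIES, master)
    # Slide 35's table: a user gets the key of every class containing a policy it satisfies.
    alice = {k: class_key(master, c) for k, c in classes.items() if c & {"P1", "P3"}}
    kim = {k: class_key(master, c) for k, c in classes.items() if c & {"P2"}}
    query = encrypt_query(["department", "employee"], [alice["k_P1_P3"], alice["k_P1"]])
    hits = provider_evaluate(enc_root, query)                 # //department/employee
    return {"names": [decrypt_subtree(h, alice).find("name").text for h in hits],
            "ciphertext": ET.tostring(enc_root).decode(),
            "opaque_to_kim": all(decrypt_subtree(h, kim) is None for h in hits)}
```

The deterministic tag tokens are exactly what makes the schema-level dictionary attack of slide 43 possible: anyone who holds a class key and can guess tag names can recognise them in the SE-ENC document. The random nonce on text values is what keeps equal contents from looking equal on the wire.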


47
Querying XML encrypted data: content-dependent queries
  • In order to make a provider able to evaluate conditions on encrypted data, we provide it with additional information
  • In particular, on the basis of the data domain, we use two different strategies
    • non-textual data: Hacigumus et al. (SIGMOD 2002)
    • textual data: Song et al. (IEEE Symposium on Security and Privacy, 2000)

48
Querying XML encrypted data: content-dependent queries
  • Proposed solution for non-textual data
  • Previous research on querying encrypted relational DBs (H. Hacigumus et al.)
  • Given a relation R, the data owner divides the domain of each attribute into distinct partitions, to each of which it assigns a different id
  • For each encrypted tuple, the provider also receives the partition ids of each of its attributes
  • The provider is able to perform queries directly on the encrypted tuples, by exploiting the partition ids

49
Querying XML encrypted data: content-dependent queries
[Figure: the Employee relation as held by the Provider. The user's query SELECT * FROM Employee WHERE Salary > 75 is rewritten as SELECT * FROM Employee WHERE ID_salary IN (4, 6) over the partition-id column. The comparison operators are garbled in the extracted slide; ">" and "IN (4, 6)" are the assumed reading.]
50
Querying XML encrypted data: content-dependent queries
[Figure: exchange between Provider and Owner; no further text was extracted.]
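The partition-id rewriting of slides 48 and 49, as an added example (neither the authors' nor Hacigumus et al.'s code), carried through the whole path: the owner's private bucket boundaries and shuffled ids, rewriting of a comparison into a set of ids, a provider that filters on ids only, and the client post-filter that removes the false positives a coarse query necessarily returns. The bucket boundaries, the Employee rows and the SHAKE-256 record cipher are constructed stand-ins.

```python
# Bucketisation of a numeric attribute after Hacigumus et al. (added illustration).
# Data, bucket bounds and the SHAKE-256 record cipher are constructed stand-ins;
# use an AEAD such as AES-GCM for the records in practice.
import hashlib
import json
import operator
import os

# Owner-private partitioning of the salary domain (in K): bucket i covers
# [BOUNDS[i], BOUNDS[i+1]). Ids are shuffled so that they leak no ordering.
BOUNDS = [0, 25, 50, 75, 100, 200]
BUCKET_IDS = [3, 1, 5, 4, 6]
OPS = {">": operator.gt, ">=": operator.ge, "<": operator.lt,
       "<=": operator.le, "=": operator.eq}

RECORDS = [  # constructed Employee relation
    {"name": "Alice Rossi", "salary": 80}, {"name": "Bob Red", "salary": 50},
    {"name": "Tom Black", "salary": 170}, {"name": "Kim", "salary": 150},
    {"name": "Ann", "salary": 80}, {"name": "Dan", "salary": 75},
]


def partition_id(value):
    """Owner side: the id of the bucket holding `value`."""
    for i, pid in enumerate(BUCKET_IDS):
        if BOUNDS[i] <= value < BOUNDS[i + 1]:
            return pid
    raise ValueError("value outside the partitioned domain")


def ids_for(op, c):
    """Rewrite `Salary <op> c` as the ids of every bucket that could hold a
    matching value: a superset of the true answer, never a subset."""
    ids = set()
    for i, pid in enumerate(BUCKET_IDS):
        lo, hi = BOUNDS[i], BOUNDS[i + 1]
        overlaps = {">": hi > c, ">=": hi > c, "<": lo < c,
                    "<=": lo <= c, "=": lo <= c < hi}[op]
        if overlaps:
            ids.add(pid)
    return ids


def encrypt_record(key, record):
    nonce = os.urandom(16)
    raw = json.dumps(record).encode()
    pad = hashlib.shake_256(key + nonce).digest(len(raw))
    return nonce + bytes(a ^ b for a, b in zip(raw, pad))


def decrypt_record(key, blob):
    nonce, ct = blob[:16], blob[16:]
    pad = hashlib.shake_256(key + nonce).digest(len(ct))
    return json.loads(bytes(a ^ b for a, b in zip(ct, pad)))


def outsource(key, records):
    """Owner side: the provider stores (ciphertext, ID_salary) for each tuple."""
    return [(encrypt_record(key, r), partition_id(r["salary"])) for r in records]


def provider_select(store, ids):
    """Provider side: SELECT * FROM Employee WHERE ID_salary IN (...)."""
    return [blob for blob, pid in store if pid in ids]


def client_select(key, store, op, c):
    """User side: coarse query at the provider, exact filter after decryption.
    Returns (matching names, number of candidates the provider sent back)."""
    candidates = provider_select(store, ids_for(op, c))
    rows = [decrypt_record(key, b) for b in candidates]
    return sorted(r["name"] for r in rows if OPS[op](r["salary"], c)), len(candidates)
```

The provider learns the bucket of every row and the buckets of every query; shuffled ids hide the order of the buckets but not their frequencies, which is why bucket width is part of the owner's security decision, not just a performance knob.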
51
Querying XML encrypted data: content-dependent queries
  • Proposed solution for textual data
  • A first phase during which the Owner preprocesses the textual data contained in an attribute/element and extracts from it a set of meaningful keywords.
  • A second phase where each keyword is encrypted according to the Song et al. scheme
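The second phase above, as an added example (not the authors' code): the final scheme of Song, Wagner and Perrig over a list of fixed-length keywords, with encryption, the search trapdoor a user hands the provider, the provider's test that needs no decryption key, and decryption. HMAC-SHA256 stands in for the PRFs F and f and for the stream generator G, and XOR with a secret pad stands in for the block cipher E of the paper; keys and keywords are constructed.

```python
# Song-Wagner-Perrig searchable encryption, final scheme, over fixed-size words
# (added illustration). HMAC-SHA256 stands in for the PRFs F and f and for the
# stream generator G; XOR with a secret pad stands in for the block cipher E.
import hashlib
import hmac

N, M = 16, 8     # word length and split in bytes: L_i = N-M bytes, R_i = M bytes


def prf(key, data, n):
    return hmac.new(key, data, hashlib.sha256).digest()[:n]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class Owner:
    """Holds the secrets: the stream seed, the PRF key k' and the key of E."""

    def __init__(self, seed, kprime, ke):
        self.seed, self.kprime = seed, kprime
        self.pad = prf(ke, b"E", N)

    def E(self, word):                       # pre-encryption X_i = E(W_i)
        raw = word.encode()
        if len(raw) > N:
            raise ValueError("word longer than N bytes")
        return xor(raw.ljust(N, b"\0"), self.pad)

    def D(self, x):
        return xor(x, self.pad).rstrip(b"\0").decode()

    def stream(self, i):                     # S_i, the i-th output of G
        return prf(self.seed, i.to_bytes(4, "big"), N - M)

    def encrypt(self, words):
        """C_i = X_i XOR <S_i, F_{k_i}(S_i)> with k_i = f_{k'}(L_i)."""
        out = []
        for i, w in enumerate(words):
            x = self.E(w)
            s = self.stream(i)
            k_i = prf(self.kprime, x[:N - M], 32)
            out.append(xor(x, s + prf(k_i, s, M)))
        return out

    def trapdoor(self, word):
        """What a user hands the provider to search for `word`: X and k = f_{k'}(L)."""
        x = self.E(word)
        return x, prf(self.kprime, x[:N - M], 32)

    def decrypt(self, cts):
        words = []
        for i, c in enumerate(cts):
            s = self.stream(i)
            left = xor(c[:N - M], s)                   # L_i
            k_i = prf(self.kprime, left, 32)
            right = xor(c[N - M:], prf(k_i, s, M))     # R_i
            words.append(self.D(left + right))
        return words


def provider_search(cts, x, k):
    """Provider side, no decryption key: C_i XOR X equals <S_i, F_{k_i}(S_i)>
    exactly when X_i == X, and then k == k_i, so the check passes."""
    hits = []
    for i, c in enumerate(cts):
        t = xor(c, x)
        if hmac.compare_digest(prf(k, t[:N - M], M), t[N - M:]):
            hits.append(i)
    return hits


def demo():
    owner = Owner(seed=b"stream seed (constructed)", kprime=b"k' (constructed)",
                  ke=b"key of E (constructed)")
    words = ["marketing", "secretary", "marketing", "administrative"]  # constructed
    cts = owner.encrypt(words)
    x, k = owner.trapdoor("marketing")
    return {"distinct_ciphertexts": cts[0] != cts[2],    # same word, different C_i
            "hits": provider_search(cts, x, k),
            "miss": provider_search(cts, *owner.trapdoor("hr")),
            "roundtrip": owner.decrypt(cts)}
```

Two properties the slides rely on are visible in the result: the two occurrences of `marketing` have different ciphertexts, and the provider locates both from one trapdoor without holding the seed or k'. The flip side to keep in mind is that a trapdoor, once handed over, lets the provider recognise that word in every later document as well.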

52
Querying XML encrypted data: content-dependent queries
[Figure: Owner and Provider, with a document tree (tags tg1, tg2, tg2, tg3, tg4) illustrating the keyword extraction and encryption of the previous slide.]
53
  • Authenticity and Integrity enforcement

54
Authenticity/integrity
  • To ensure authenticity in two-party architectures, traditional digital signatures work well

[Figure: the user sends a query to the Owner and receives a signed view.]
55
But...
  ...traditional digital signatures have some problems in third-party architectures!
56
Merkle Signature
  • An alternative way to sign an XML doc
  • By applying a single digital signature to an XML doc it is possible to ensure the authenticity of
    • the whole document
    • any portion of it
  • It uses a different way to compute the digest of XML docs, based on the Merkle tree authentication mechanism

57
Merkle Signature
[Figure: a tree with nodes N1 (root) to N7, in which N6 and N7 are the children of N3. For a leaf node the Merkle hash is
  MhX(N7) = h( h(N7.content) || h(N7.tagname) )]

58
Merkle Signature
[Figure, same tree. For an internal node the Merkle hashes of its children are appended:
  MhX(N3) = h( h(N3.content) || h(N3.tagname) || MhX(N6) || MhX(N7) )]

59
Merkle Signature
[Figure, same tree: the signature value J8ygVS8nqtlF5HP3FBj9eZU/KYY attached to the root N1 is the Merkle signature, i.e., the owner's digital signature over MhX(N1).]
60
Merkle hash paths
  • How can a user validate the Merkle signature
    computed on the whole XML document by having only
    a portion of it?
  • Merkle Hash Paths

61
Merkle Hash Paths for a leaf node
  • The Merkle hash path between v and v' consists of
  • the Merkle hash values of all the siblings of the nodes belonging to the path connecting v to v'

[Figure: a tree with nodes 1 to 17; MhPath(4,1) is the set of Merkle hash values of the siblings of every node on the path from node 4 up to the root, node 1.]
62
Merkle Hash Paths
  • Since the provider operates on encrypted data, it
    is not able to compute Merkle hash paths
  • The owner includes into the SE-Enc docs the hash
    value of each node
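Slides 56 to 62 worked through, as an added example that is not the authors' code: the recursive MhX digest over the slide-20 document, one signature over the root digest, the Merkle hash path a provider attaches to a portion, and the user's recomputation up to the root. Assumptions: attributes are left out of MhX; each path entry also carries the ancestor's own content and tag hashes, since the user must recompute every MhX on the way up; and an HMAC under an owner key stands in for the owner's public-key signature, which a real user would verify with the owner's public key.

```python
# Merkle signature of an XML document and verification of a portion with a
# Merkle hash path (added illustration). Attributes are left out of MhX; an HMAC
# under an owner key stands in for the owner's public-key signature.
import hashlib
import hmac
import xml.etree.ElementTree as ET

DOC = """<Organization>
<department dept="Marketing">
<employee><name>Alice Rossi</name><salary>80K</salary><level>7</level></employee>
<employee><name>Bob Red</name><salary>50K</salary><level>5</level></employee>
<employee><name>Tom Black</name><salary>170K</salary><level>12</level></employee>
</department>
<department dept="HR">
<employee><name>Kim</name><salary>150K</salary><level>11</level></employee>
<employee><name>Ann</name><salary>80K</salary><level>7</level></employee>
</department>
</Organization>"""   # the document of slide 20


def h(data):
    return hashlib.sha256(data).digest()


def own_hashes(elem):
    """h(N.content) || h(N.tagname): the node's own contribution to MhX."""
    return h((elem.text or "").strip().encode()) + h(elem.tag.encode())


def merkle_hash(elem):
    """MhX(N) = h( h(N.content) || h(N.tagname) || MhX(child_1) || ... || MhX(child_k) )."""
    return h(own_hashes(elem) + b"".join(merkle_hash(c) for c in elem))


def sign(owner_key, root):
    """Owner side: a single signature over MhX(root) covers every portion."""
    return hmac.new(owner_key, merkle_hash(root), hashlib.sha256).digest()


def merkle_hash_path(root, index_path):
    """Provider side. index_path = child indexes from the root down to v.
    Returns v and, bottom-up, one entry per ancestor: (its own hashes, the
    MhX of each of its children with the on-path child left as None)."""
    node, ancestors = root, []
    for i in index_path:
        ancestors.append((node, i))
        node = list(node)[i]
    path = []
    for anc, i in reversed(ancestors):
        siblings = [None if j == i else merkle_hash(c) for j, c in enumerate(anc)]
        path.append((own_hashes(anc), siblings))
    return node, path


def verify_portion(owner_key, portion, path, signature):
    """User side: recompute MhX(root) from the portion plus the sibling hashes
    and check the owner's signature over it."""
    cur = merkle_hash(portion)
    for own, siblings in path:
        cur = h(own + b"".join(cur if s is None else s for s in siblings))
    expected = hmac.new(owner_key, cur, hashlib.sha256).digest()
    return hmac.compare_digest(expected, signature)


def demo():
    owner_key = b"owner signing key (constructed)"
    root = ET.fromstring(DOC)
    sig = sign(owner_key, root)                          # published with the doc
    bob, path = merkle_hash_path(root, [0, 1])           # Marketing, 2nd employee
    ok = verify_portion(owner_key, bob, path, sig)
    tampered = ET.fromstring(ET.tostring(bob))           # provider edits the reply
    tampered.find("salary").text = "500K"
    forged = verify_portion(owner_key, tampered, path, sig)
    tom, _ = merkle_hash_path(root, [0, 2])              # right path, wrong node
    swapped = verify_portion(owner_key, tom, path, sig)
    return {"node": bob.find("name").text, "ok": ok, "tampered": forged, "swapped": swapped}
```

Because the provider operates on the SE-ENC document, it cannot compute `own_hashes` or `merkle_hash` of plaintext nodes itself; that is why slide 62 has the owner store each node's hash value in the SE-ENC document, from which the provider assembles the path.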

63
  • Completeness enforcement

64
Completeness
  • Completeness is verified through the use of Query
    Templates
  • The query template consists of the SE-ENC
    document (i.e., the well formed encryption, plus
    the additional information) without data content.
  • By executing queries submitted to the provider
    on the query template, a user is able to verify
    the completeness of the query answer without
    accessing information he/she is not allowed to
    see.

65
Completeness
  • The encrypted data structure makes the user able to verify the completeness of structure queries
  • By exploiting partition information and ciphered keywords, a user is able to verify the completeness of content-dependent queries
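The template check of the two slides above, as an added example (not the authors' code): a constructed SE-ENC document whose tag tokens and `n` attributes stand in for Enc(tag,K) and for the node identity the document carries, a template derived from it by stripping all content, and a user who runs the same encrypted, partition-restricted query on the template and compares node ids with what the provider returned.

```python
# Completeness check with a query template (added illustration). Tag tokens,
# node ids (n) and partition ids (pid) are constructed stand-ins.
import copy
import xml.etree.ElementTree as ET

# Constructed SE-ENC document: tokens replace tag names, text is ciphertext
# (placeholder), salary nodes carry the partition id of their value.
SE_ENC = ET.fromstring("""<t_org n="1">
<t_dep n="2"><t_emp n="3"><t_sal n="4" pid="4">c1</t_sal></t_emp>
<t_emp n="5"><t_sal n="6" pid="5">c2</t_sal></t_emp>
<t_emp n="7"><t_sal n="8" pid="6">c3</t_sal></t_emp></t_dep>
<t_dep n="9"><t_emp n="10"><t_sal n="11" pid="6">c4</t_sal></t_emp>
<t_emp n="12"><t_sal n="13" pid="4">c5</t_sal></t_emp></t_dep>
</t_org>""")


def make_template(se_enc):
    """Owner side: strip every content value; keep structure, ids and pids."""
    tpl = copy.deepcopy(se_enc)
    for e in tpl.iter():
        e.text = None
        e.tail = None
    return tpl


def evaluate(doc, enc_path, pids=None):
    """Encrypted structure query, optionally restricted to partition ids.
    The provider runs it on SE_ENC, the user on the template."""
    holder = ET.Element("holder")                  # so that // can match the root
    holder.append(doc)
    hits = holder.findall(".//" + "/".join(enc_path))
    if pids is not None:
        hits = [e for e in hits if e.get("pid") and int(e.get("pid")) in pids]
    return hits


def check_completeness(template, enc_path, reply_ids, pids=None):
    """User side: node ids the template says must be in the reply, against
    the ids actually returned."""
    expected = {e.get("n") for e in evaluate(template, enc_path, pids)}
    return {"missing": sorted(expected - set(reply_ids), key=int),
            "spurious": sorted(set(reply_ids) - expected, key=int)}


def demo():
    template = make_template(SE_ENC)
    # //t_org/t_dep/t_emp/t_sal with Salary > 75, rewritten (slide 49) into ids {4, 6}.
    path, pids = ["t_org", "t_dep", "t_emp", "t_sal"], {4, 6}
    honest = [e.get("n") for e in evaluate(SE_ENC, path, pids)]
    lazy = honest[:-1]                              # provider drops one result
    padded = honest + ["6"]                         # provider adds a non-matching node
    return {"honest": check_completeness(template, path, honest, pids),
            "lazy": check_completeness(template, path, lazy, pids),
            "padded": check_completeness(template, path, padded, pids),
            "template_has_content": any(e.text for e in template.iter())}
```

The template never contains content, so the user learns only which node ids should have come back, including for the HR nodes it may not be allowed to read; that is the property slide 64 asks for.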

66
  • Conclusion

67
Owner-side processing
[Figure: the same owner-side pipeline as slide 23.]
68
Provider-side processing
[Figure, the provider-side pipeline: SE-ENC document → Query evaluation → Create Reply document → Insert Merkle Signature → Insert information needed for authenticity verification → Reply document.]
69
User-side processing
[Figure, the user-side pipeline: Reply document → Confidentiality verification → Authenticity verification → Completeness verification (against the Query Template).]
70
System architecture
[Figure: Users (Alice, Bob, Frank) and Providers.]
71
References
  • Papers in XML
  • B. Carminati, E. Ferrari. Confidentiality
    Enforcement for XML Outsourced Data. In Proc. of
    the Second International EDBT Workshop on
    Database Technologies for Handling XML
    Information on the Web, Munich, Germany, March
    2006.
  • B. Carminati, E. Ferrari, E. Bertino. Assuring
    Security Properties in Third Party Architecture.
    Proc. of the International Conference on Data
    Engineering (ICDE05), poster paper.
  • B. Carminati, E. Ferrari. Trusted Privacy
    Manager A System for Privacy Enforcement on
    Outsourced Data. Proc. of the International
    Workshop on Privacy Data Management, Tokyo,
    Japan, April 2005.
  • E. Bertino, B. Carminati, E. Ferrari, B.
    Thuraisingham, A. Gupta. Selective and Authentic
    Third-party Distribution of XML Document. IEEE
    Transactions on Knowledge and Data Engineering,
    16(10) 1263-1278, 2004.
  • E. Bertino, B. Carminati, E. Ferrari. A Flexible
    Authentication Method for UDDI Registries. Proc.
    of the 2003 International Conference on Web
    Services (ICWS'03), Las Vegas, June 2003.
  • E. Bertino, B. Carminati, E. Ferrari. A temporal
    key management scheme for secure broadcasting of
    XML documents. Proc. of the 9th ACM conference on
    Computer and Communications Security, Washington,
    November 2002.
  • E. Bertino, E. Ferrari. Secure and Selective
    Dissemination of XML Documents. ACM Transactions
    on Information and System Security (TISSEC),
    5(3) 290- 331, 2002.
  • Papers in relational data
  • H. Hacigumus, B. Iyer, C. Li, and S. Mehrotra.
    Executing SQL over Encrypted Data in the Database
    Service Provider Model. In Proceedings of the
    SIGMOD Conference, 2002.
  • D. X. Song, D. Wagner and A. Perrig, Practical
    Techniques for Searches on Encrypted Data, In
    Proceedings of the IEEE Symposium on Security and
    Privacy, Oakland, California, 2000.
  • B. Chor, O. Goldreich, E. Kushilevitz, M. Sudan.
    Private Information Retrieval. In Proc. of the
    Symposium on Foundations of Computer Science, 1995.
  • Devanbu P., Gertz M., Martel C., Stubblebine S.G.
    Authentic Third-party Data Publication. In Proc.
    of the 14th Annual IFIP WG 11.3 Working
    Conference on Database Security, Schoorl, the
    Netherlands, 2000.
  • Goh E., Secure Indexes, Cryptology ePrint
    Archive, Report 2003/216, 2003
  • Golle P., Staddon J. and Waters B., Secure
    Conjunctive Keyword Search Over Encrypted Data,
    In Proc. of the Applied Cryptography and Network
    Security Conference, 2004.
  • Mykletun E., Narasimha M.,Tsudik G.
    Authentication and Integrity in Outsourced
    Databases. In Proc. of the 11th Annual Symposium
    on Network and Distributed System Security, San
    Diego, California, 2004.
  • Pang H., Jain A., Ramamritham K. and Tan K.,
    Verifying completeness of relational query
    results in data publishing, In Proc. of the ACM
    SIGMOD international conference on Management of
    data, Baltimore, Maryland, 2005