Specifying Access Policies for Secure Content Dissemination of XML: A Technique Inspired by DNA Cryptography

SOA helps to provide business agility by configuring entities to maximize loose coupling and reuse. XML is the most relevant means to provide interoperatablity among various entities. When in network, a XML file can be prone to hacking and unauthorized access, thus data integrity and confidentiality are the important issues of communication. Secure dissemination of an XML file is one of the techniques to ensure data integrity and confidentiality. This paper presents a secure dissemination technique such that extraneous data not meant for a legitimate consumer is inaccessible, there will be no information leak. The technique applies DNA cryptography due to its feature of compactness and simplicity. The technique encrypts the data and hides it in a garbage file; such that only legitimate consumer can see only the subscribed amount of data according to the access policies using the restriction enzymes. The paper also presents multicast dissemination interface that implements the proposed technique at the server level. The interface is built dynamically and asynchronously using a publish–subscribe methodology. The results indicate that the proposed technique not only satisfies the requirement specification of secure dissemination, but also points out its robustness in terms of time required to break the key. The technique is computationally secure as the time to crack the key is quite long and increases with increase in key length.

[1]  Xing Wang,et al.  DNA computing-based cryptography , 2009, 2009 Fourth International on Conference on Bio-Inspired Computing.

[2]  Donald E. Knuth,et al.  The Art of Computer Programming, Volume I: Fundamental Algorithms, 2nd Edition , 1997 .

[3]  L. O'Brien Lero,et al.  Quality Attributes for Service-Oriented Architectures , 2007, International Workshop on Systems Development in SOA Environments (SDSOA'07: ICSE Workshops 2007).

[4]  Mohammad Ashiqur Rahaman,et al.  XML secure views using semantic access control , 2010, EDBT '10.

[5]  John H. Reif,et al.  DNA-based Cryptography , 1999, Aspects of Molecular Computing.

[6]  Gabriel M. Kuper,et al.  Generalized XML security views , 2005, SACMAT '05.

[7]  Gail-Joon Ahn,et al.  Proceedings of the tenth ACM symposium on Access control models and technologies , 2003 .

[8]  Makoto Murata,et al.  XML access control using static analysis , 2006, TSEC.

[9]  Akimitsu Okamoto,et al.  Public-key system using DNA as a one-way function for key distribution. , 2005, Bio Systems.

[10]  Yanfeng Wang,et al.  Information Security Technology Based on DNA Computing , 2007, 2007 International Workshop on Anti-Counterfeiting, Security and Identification (ASID).

[11]  Wenfei Fan,et al.  Secure XML querying with security views , 2004, SIGMOD '04.

[12]  Debabrata Datta,et al.  An Improved Symmetric Key Cryptography with DNA Based Strong Cipher , 2011, 2011 International Conference on Devices and Communications (ICDeCom).

[13]  Donald E. Knuth,et al.  fundamental algorithms , 1969 .

[14]  Peng Liu,et al.  A Flexible Framework for Architecting XML Access Control Enforcement Mechanisms , 2004, Secure Data Management.

[15]  Yanfeng Wang,et al.  An encryption scheme using DNA technology , 2008, 2008 3rd International Conference on Bio-Inspired Computing: Theories and Applications.

[16]  Andreas Schaad,et al.  Ontology-Based Secure XML Content Distribution , 2009, SEC.

[17]  Magdy Saeb,et al.  On covert data communication channels employing DNA recombinant and mutagenesis-based steganographic techniques , 2007 .

[18]  Avishek Adhikari DNA Secret Sharing , 2006, 2006 IEEE International Conference on Evolutionary Computation.

[19]  Kevin C. Almeroth,et al.  On the topology of multicast trees , 2003, TNET.

[20]  Nils Gruschka,et al.  Server-Side Streaming Processing of WS-Security , 2011, IEEE Transactions on Services Computing.

[21]  Elisa Bertino,et al.  A New Model for Secure Dissemination of XML Content , 2008, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).

[22]  S.V. Kartalopoulos,et al.  DNA-inspired cryptographic method in optical communications, authentication and data mimicking , 2005, MILCOM 2005 - 2005 IEEE Military Communications Conference.

[23]  Elisa Bertino,et al.  Secure and selective dissemination of XML documents , 2002, TSEC.