Fine-Grained and Scalable Approaches for Message Integrity

When we have multiple users compiling a single message, including shared contents, metadata, policy, and so on, the integrity of the contents created by individual users needs to be maintained in an effective manner. There is an urgent need for new mechanisms in a trusted content-sharing environment to support multiple signers for the same message, which can be dynamically updated with autonomous protection and maintenance mechanisms. In our previous work we identified and compared three different binding mechanisms including monolithic, autonomous, and chained binding mechanisms, using digital signatures. The original work was designed and implemented for digital certificates. In this paper we apply those schemes with extension to the organization-to-organization messaging services that require effective integrity verification and tracking mechanisms at the user-level in the receiving organization in a scalable manner with fine granularity. We implement our ideas in the Java remote method invocation (RMI) platform and discuss the trade-offs of the signature schemes based on our experimental results

[1]  Robert W. Shirey The defense message system , 1990, CCRV.

[2]  Ravi S. Sandhu,et al.  Binding identities and attributes using digitally signed certificates , 2000, Proceedings 16th Annual Computer Security Applications Conference (ACSAC'00).

[3]  Dorothy E. Denning,et al.  A lattice model of secure information flow , 1976, CACM.

[4]  Leonard J. LaPadula,et al.  MITRE technical report 2547, volume II , 1996 .

[5]  D. E. Bell,et al.  Secure Computer Systems : Mathematical Foundations , 2022 .

[6]  Jeremy Epstein Architecture and concepts of the ARGuE Guard , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[7]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .

[8]  Mark Bartel,et al.  Xml-Signature Syntax and Processing , 2000 .

[9]  Eric Monteith Genoa TIE, advanced boundary controller experiment , 2001, Seventeenth Annual Computer Security Applications Conference.

[10]  Carl E. Landwehr,et al.  Formal Models for Computer Security , 1981, CSUR.

[11]  J. Giordano,et al.  Fine-grained, scalable, and secure key management scheme for trusted military message systems , 2004, IEEE MILCOM 2004. Military Communications Conference, 2004..

[12]  Carl E. Landwehr,et al.  A security model for military message systems , 1984, TOCS.

[13]  Joon S. Park Towards Secure Collaboration on the Semantic Web , 2003, CSOC.

[14]  K. P. Bosworth,et al.  Public Key Infrastructures — the Next Generation , 2001 .

[15]  Warwick Ford,et al.  Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework , 1999, RFC.

[16]  Carlisle M. Adams,et al.  Internet X.509 Certificate Request Message Format , 1999, RFC.