Securing confidential data in XML using custom level encryption

Web application, web services and mobile computing are extensively using sensitive data. In some scenario, confidential data will be stored into the XML node. Encryption is the solution to keep confidential data in the XML file. Encryption and decryption uses same the key in symmetric algorithm. Blowfish is a proven symmetric encryption algorithm. Encrypting entire XML document using Blowfish leads to performance degradation. Encrypting entire document is not necessary. Semi-confidential information can be encrypted by custom encryption method by using key parameter. The parameter indicates the sensitivity of the data.

[1]  Anupkumar M. Bongale,et al.  LRXE: Lite-RSA for XML Encryption suitable for computational constraint devices , 2014, 2014 IEEE Global Conference on Wireless Computing & Networking (GCWCN).

[2]  Robert H. Deng,et al.  Attribute-Based Encryption With Verifiable Outsourced Decryption , 2013, IEEE Transactions on Information Forensics and Security.

[3]  Ali Miri,et al.  An Efficient Conjunctive Keyword and Phase Search Scheme for Encrypted Cloud Storage Systems , 2015, 2015 IEEE 8th International Conference on Cloud Computing.

[4]  Yi Mu,et al.  Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption , 2012, IEEE Trans. Parallel Distributed Syst..

[5]  Randy H. Katz,et al.  Above the Clouds: A Berkeley View of Cloud Computing , 2009 .

[6]  Ivan Damgård,et al.  Homomorphic encryption and secure comparison , 2008, Int. J. Appl. Cryptogr..

[7]  Ali Miri,et al.  Computation and Search over Encrypted XML Documents , 2015, 2015 IEEE International Congress on Big Data.

[8]  Hua Zhang,et al.  An efficient Public Key Encryption with Conjunctive Keyword Search scheme based on pairings , 2012, 2012 3rd IEEE International Conference on Network Infrastructure and Digital Content.

[9]  Azhar Rauf,et al.  Efficient XQuery over encrypted XML documents , 2015, 2015 10th International Conference on Computer Science & Education (ICCSE).

[10]  Qiaoyan Wen,et al.  Circuit Ciphertext-Policy Attribute-Based Hybrid Encryption with Verifiable Delegation in Cloud Computing , 2016, IEEE Transactions on Parallel and Distributed Systems.

[11]  P. Sharma,et al.  Modified RSA Encryption Algorithm (MREA) , 2012, 2012 Second International Conference on Advanced Computing & Communication Technologies.

[12]  Sharad Mehrotra,et al.  Querying Encrypted XML Documents , 2006, 2006 10th International Database Engineering and Applications Symposium (IDEAS'06).

[13]  Tatsuaki Okamoto,et al.  A Universally Composable Secure Channel Based on the KEM-DEM Framework , 2006, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[14]  Gautam Biswas,et al.  Diffie-Hellman technique: extended to multiple two-party keys and one multi-party key , 2008, IET Inf. Secur..

[15]  Muttukrishnan Rajarajan,et al.  Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption , 2012, IEEE Transactions on Parallel and Distributed Systems.

[16]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[17]  Ronald Cramer,et al.  Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack , 2003, SIAM J. Comput..

[18]  Vinod Vaikuntanathan,et al.  How to Delegate and Verify in Public: Verifiable Computation from Attribute-based Encryption , 2012, IACR Cryptol. ePrint Arch..

[19]  Eike Kiltz,et al.  Secure Hybrid Encryption from Weakened Key Encapsulation , 2007, CRYPTO.

[20]  Dong Kun Noh,et al.  Attribute-Based Access Control with Efficient Revocation in Data Outsourcing Systems , 2011, IEEE Transactions on Parallel and Distributed Systems.

[21]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[22]  Navaneeha Polepally,et al.  Circuit Cipher text-Policy Attribute-Based Hybrid Encryption with Verifiable Delegation in Cloud Computing , 2017 .