A distributed access control framework for XML document centric collaborations

Rahaman, Mohammad Ashiqur; Roudier, Yves; Schaad, Andreas
Research report RR-08-219

Collaboratively working on documents within a distributed context is a non-trivial task, in particular if neither a centralized access control policy enforcement platform nor a centralized document repository can be assumed to be present. Decoupling the specification of the access control policy of documents from its later autonomous enforcement can make it easier to edit documents in a decentralized yet secure fashion. This paper introduces a distributed and fine grained access control framework for XML document centric collaborations. The framework addresses the authenticity, confidentiality, integrity, and traceability of circulated documents and their updates. It is fully distributed in that each participant can enforce and verify these security properties without relying on a central authority. Novel aspects of the proposed framework include the adoption of a decentralized key management scheme that provides support for the cryptographic enforcement of a credential based access control policy. This scheme is driven by the access interests expressed by the participants over document parts. A protocol for the controlled edition of a document is finally introduced based on these techniques.

Digital Security
Eurecom Ref:
© EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in Research report RR-08-219 and is available at :
See also:

PERMALINK : https://www.eurecom.fr/publication/2469