Secure Publishing of XML Documents

  • Barbara Carminati
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2490)


Secure publication over the Internet of XML data is becoming a crucial need as XML is rapidly becoming a standard for document representation and exchange over the Web. Publishing services must have a mechanism that ensures that a user receives all and only those portions of information he/she is entitled to access (for instance those for which the user has paid a subscription fee) and that these contents are not eavesdropped during their transmission from the publishing service to the user. In this paper we present the work carried on in the area of secure XML publishing as part of the Ph.D. activity. More precisely, we describe a preliminary architecture for an XML Publisher, emphasizing the open issues to be covered.


Digital Library Secure Publishing Access Control Policy Access Control Model Access Request 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    RJ Anderson, JH Lee. Jikzi: A New Framework for Secure Publishing. Security Protocols: Proceedings of the 5th international workshop.Google Scholar
  2. 2.
    E. Bertino, B. Carminati, E. Ferrari. XML Security. Information Security Technical Report, Vol 6-2, 44–58, 2001, Elsevier Advanced Technology.CrossRefGoogle Scholar
  3. 3.
    E. Bertino, B. Carminati, E. Ferrari. A Secure Publishing Service for Digital Libraries of XML Documents. Information Security Conference (ISC01), Lecture Notes in Computer Science, 2200:347–362, Malaga, Spain, 2001.Google Scholar
  4. 4.
    E. Bertino, B. Carminati, E. Ferrari, B. Thuraisingham, A. Gupta. Selective and Authentic Third-party Distribution of XML Document. Technical Report DSI, University of Milano. Submitted for publication.Google Scholar
  5. 5.
    B. Carminati, E. Ferrari. Management of Access Control Policies for XML Document Sources. Technical Report DSI, University of Milano. Submitted for publication.Google Scholar
  6. 6.
    D. Beech, M. Maloney, N. Mendelsohn, H. Thompson. XML Schema Part 1: Structures. W3C Proposed Recommendation, October 2000.Google Scholar
  7. 7.
    A. Deutsch, M. Fernandez, D. Florescu, A. Levy, and D. Suciu. A Query Language for XML. In Proc. Int’l Conference on World Wide Web, Toronto, Canada, May 1999. Available at:
  8. 8.
    C. Geuer Pollmann. The XML Security Page. Available at html.
  9. 9.
    H. Gladney, and J. Lotspiech. Safeguarding Digital Library Contents and Users: Assuring Convenient Security and Data Quality. D-lib Magazine, May 1997.Google Scholar
  10. 10.
    R.C. Merkle A Certified Digital Signature. In Advances in Cryptology-Crypto’ 89, 1989.Google Scholar
  11. 11.
    J. Robbie. XQL’99 Proposal, 1999. Available at
  12. 12.
    P. Katis, N. Sabadini, R.F.C. Walters. A formalization of the IWIM model. COORDINATION 2000, (Eds.) Porto, A.; Roman, G.-C., (Eds.), LNCS 1906, pages 267–283, 2000.Google Scholar
  13. 13.
    W. Stallings. Network Security Essentials: Applications and Standards. Prentice Hall, 2000.Google Scholar
  14. 14.
    Wen-Guey Tzeng. A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy. IEEE Transactions on Knowledge and Data Engineeriing, 2001.Google Scholar
  15. 15.
    M. Winslett, N. Ching, V. Jones, I. Slepchin. Using Digital Credentials on the World Wide Web. Journal of Computer Security, 7, 1997.Google Scholar
  16. 16.
    World Wide Web Consortium. XLink XML Linking Language, 1.0, 1999. W3C Recommendation. Available at
  17. 17.
    Word Wide Web Consortium. Extensible Markup Language (XML) 1.0, 1998.Google Scholar
  18. 18.
    World Wide Web Consortium. XML Encryption Working Group, 2001.
  19. 19.
    World Wide Web Consortium. XML Signature, 2001.
  20. 20.
    World Wide Web Consortium. XML Path Language (Xpath), 1.0, 1999. W3C Recommendation. Available at
  21. 21.
    World Wide Web Consortium. XML Query (XQuery), 1.0, 2001. W3C Working Draft. Available at

Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Barbara Carminati
    • 1
  1. 1.Dipartimento di Scienze dell’InformazioneUniversita’ degli Studi di MilanoItaly

Personalised recommendations