A Secure Publishing Service for Digital Libraries of XML Documents

  • Elisa Bertino
  • Barbara Carminati
  • Elena Ferrari
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2200)


Secure publication over the Internet of XML data is becoming a crucial need as XML is rapidly becoming a standard for document representation and exchange over the Web. Publishing services must have a mechanism that ensures that a user receives all and only those portions of information he/she is entitled to access (for instance those for which the user has paid a subscription fee). Furthermore, such a mechanism must ensure that these contents are not eavesdropped during their transmission from the publishing service to the user. In this paper, we propose an architecture for secure publishing of XML documents. Distinguishing features of our proposal is the flexibility the publishing service offers both in terms of the way users can select the contents they are interested in and in the way the contents are delivered to users. Secure content delivery to users is obtained through the use of different encryption schemes, which ensure that only subscribed users can access the contents managed by the publishing service. In the paper, we first present an overall view of the proposed approach. We then introduce the components of the architecture and the encryption schemes we have developed. Finally, we present algorithms for information delivery to users.


Publishing Service Encryption Scheme Digital Library Secure Publishing Distribution Mode 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    E. Bertino, B. Carminati, E. Ferrari, B. Thuraisingham, A. Gupta. Selective and Authentic Third-party Distribution of XML Document. Tecnical Report DSI, University of Milano. Submitted for publication.Google Scholar
  2. 2.
    E. Bertino, S. Castano, E. Ferrari. Securing XML Documents: the Author-X Project Demonstration. In Proc. of the ACM SIGMOD 2001 Conference, Santa Barbara, CA, May 2001.Google Scholar
  3. 3.
    E. Bertino, S. Castano, E. Ferrari and M. Mesiti. Specifying and Enforcing Access Control Policies for XML Document Sources. World Wide Web Journal, Baltzer Science Publishers, 3(3), 2000.Google Scholar
  4. 4.
    G.C. Chick, S.E. Tavares. Flexible Access Control with Master Keys. In Proc. of the Conference on Advances in Crypology (EUROCRYPT ’89), pages 316–322, 1998.Google Scholar
  5. 5.
  6. 6.
    S. Halevi, and E. Petrank. Storing classified file. Available at
  7. 7.
    M. Moyer, J.R. Rao, P. Rohatgi. A Survey of Security Issues in Multicast Communications. IEEE Network 13, 6(Nov/Dec), 16–23, 1999.CrossRefGoogle Scholar
  8. 8.
    RSA Data Security Inc.
  9. 9.
    W. Stallings. Network Security Essentials: Applications and Standars. Prentice Hall, 2000.Google Scholar
  10. 10.
    A. Wool. Key Management for Encrypted Broadcast. ACM Transactions on Information and System Security, Vol. 3, 107–134, May 2000.CrossRefGoogle Scholar
  11. 11.
    Word Wide Web Consortium. Extensible Markup Language (XML) 1.0, 1998.Google Scholar
  12. 12.
    World Wide Web Consortium (dy1999). XML Path Language (Xpath) 1.0.

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Elisa Bertino
    • 1
  • Barbara Carminati
    • 1
  • Elena Ferrari
    • 2
  1. 1.Dipartimento di Scienze dell’InformazioneUniversitá di MilanoMilanoItaly
  2. 2.Dipartimento di Chimica, Fisica e MatematicaUniversitá dell’InsubriaComoItaly

Personalised recommendations