Decentralized authorization and data security in web content delivery
Author
Danfeng Yao, Yunhua Koglin, Elisa Bertino, Roberto Tamassia
Entry type
proceedings
Abstract
The fast development of web services, or more broadly, service-oriented architectures (SOAs), has prompted more organizations to move contents and applications out to the Web. Software on the web allows one to enjoy a variety of services, for example translating texts into other languages and converting a document from one format to another. In this paper, we address the problem of maintaining data integrity and confidentiality in web content delivery when dynamic content modifications are needed. We propose a flexible and scalable model for secure content delivery based on the use of roles and role certificates to manage web intermediaries. The proxies coordinate themselves in order to process and deliver contents, and the integrity of the delivered content is enforced using a decentralized strategy. To achieve this, we utilize a distributed role lookup table and a role-number based routing mechanism. We give an efficient secure protocol, iDeliver, for content processing and delivery, and also describe a method for securely updating role lookup tables. Our solution also applies to the security problem in web-based workflows, for example maintaining the data integrity in automated trading, contract authorization, and supply chain management in large organizations.
Date
2007
Booktitle
Symposium on Applied Computing. Proceedings of the 2007 ACM symposium on Applied computing
Key alpha
Bertino
Pages
1654-1661
Publisher
ACM
Affiliation
Purdue University
Publication Date
2007-00-00

