NSF by dffhrtcv3


									Secure and Selective Authentication and
Access Control of XML Documents


Secure Sharing of Digital Evidence

       Bhavani Thuraisingham

         November 11, 2009
  n   Motivation for Research on XML Security
  n   Technical Details of the Research on XML Security
      Applying approach to Digital Forensics
  n   Related work and Future Directions
  n   Appendix
  n   Based on paper
  n   Elisa Bertino, Barbara Carminati, Elena Ferrari, Bhavani M.
      Thuraisingham, Amar Gupta:
      Selective and Authentic Third-Party Distribution of XML
      Documents. 1263-1278
Motivation for Research on XML Security
 n XML (extensible Markup Language) Security
    n XML has become the standard document interchange language for the
    n XML is a critical technology for the semantic web
         n RDF and other specifications are built on XML

    n XML documents must satisfy security and privacy policies
    n Challenges: Access Control, Secure publishing, Secure Web Services
      Applications, Securing RDF, Secure semantic web, Temporal models,
      Privacy, Handling evolving XML specifications

 n Outline of XML Security Presentation
    n Access Control
         n Example XML document, Policy Specification, Access Control
           Strategy and Architecture
    n Third Party Publication of XML Documents
         n Architecture

         n Interactions between Owner, Publisher and Subject

         n Checking for Authenticity and Completeness

         n Potential Attacks and Performance Issues

         n Integrating Confidentiality with Authenticity and Completeness

         n Application: Secure Web Services
Example XML Document                                                                        Year: 2003

                                                                  Annual report
                                                                                              Name: UTD

                                                                Patents               Equipment             Other

       Dept                                  Asset
                                                                           Author                    Cash           Books

                           Funds                               Dept

              Date                                                    Short-desc


        Publishing service: how it works
              A new class of information-centered applications based on Data
             Possible scenarios:
                 Information commerce (Digital libraries, Electronic news, etc.)
                 Intra-company information systems

                                Publishing     n Push/Pull modes

                                               n Security requirements:
                                                   n   Confidentiality
                                                   n   Integrity
                         WEB                       n   Authenticity
                                                   n   Completeness

7/24/2013                                                                          5
Subject Credentials, Protection
Objects and Policy Base
 n Subjects are given access to XML documents or portions of
   documents depending on user ID and/or Credentials
 n Credential specification is based on credentials a subject has
     n Professor is a credential; Secretary is a credential
 n Protection objects are objects to which access is controlled
     n Entire XML documents or portions of XML documents
 n Policy base stores security policies for protecting the XML
   source contents
Subject Credential Base Example
<Professor credID=“9” subID = “16: CIssuer = “2”>
        <name> Alice Brown </name>
        <university> UTD <university/>
        <department> CS </department>
        <research-group> Security </research-group>

<Secretary credID=“12” subID = “4: CIssuer = “2”>
        <name> John James </name>
        <university> UTD <university/>
        <department>CS </department>
        <level> Senior </level>
        Policy Base Example
            <?xml version="1.0" encoding="UTF-8"?>
                <policy_spec ID=‘P1' cred_expr="//Professor[department='CS']"
                target="annual_report.xml" path="//Patent[@Dept='CS']//node()"
                <policy_spec ID=‘P2' cred_expr="//Professor[department='CS']"
                target="annual_report.xml" path="//Patent[@Dept='IST']/Short-descr/node()
                and //Patent[@Dept='IST']/authors" priv="VIEW"/>
                <policy_spec ID=‘P3' cred_expr="//Professor[department='IST'] "
                target="annual_report.xml" path="//Patent[@Dept='IST']//node()"
                <policy_spec ID=‘P4' cred_expr="//Professor[department='IST']"
                target="annual_report.xml" path="//Patent[@Dept='CS']/Short-descr/node()
                and //Patent[@Dept='CS']/authors" priv="VIEW"/>
                <policy_spec ID=‘P5' cred_expr="//secretary[department='CS' and
                level='junior']" target="annual_report.xml"
                path="//Asset[@Dept='CS']/node()" priv="VIEW "/>
                <policy_spec ID=‘P6' cred_expr="//secretary[department='CS' and
                level='senior']" target="annual_report.xml"
                path="//Asset[@Dept='IST']/Funds/@Type and
                //Asset[@Dept='IST']/Funds/@Funding-Date" priv="VIEW "/>
                <policy_spec ID=‘P7' cred_expr="//secretary[department='IST' and
                level='junior']" target="annual_report.xml"
                path="//Asset[@Dept='IST']/node()" priv="VIEW "/>
7/24/2013   </policy_base>                                                               8
Access Control Strategy
 n Subjects request access to XML documents under two
   modes: Browsing and authoring
     n With browsing access subject can read/navigate
     n Authoring access is needed to modify, delete, append
 n Access control module checks the policy based and applies
   policy specs
 n Views of the document are created based on credentials and
   policy specs
 n In case of conflict, least access privilege rule is enforced
 n Works for Push/Pull modes
System Architecture for Access
    Pull/Query                        Push/result

             X-Access         X-Admin

                 Policy         Credential
                 base           base

            Third-Party Architecture

                                    XML Source Credential   policy base

            n The Owner is the                                            SE-XML
              producer of
              information It
              specifies access
              control policies
                                                            Owner                Publisher
            n The Publisher is                                              Reply
              responsible for                                             document
              managing (a portion                      credentials
              of) the Owner
              information and                                                Query
              answering subject
            n Goal: Untrusted
              Publisher with
              respect to
              Authenticity and               User/Subject
7/24/2013                                                                                    11
Subject Owner Interaction
n Subjects register with Owner during subscription phase;
  during this phase subject is assigned by owner credentials
  stored at the owner site
n Owner returns to the subject the Subject Policy Configuration
  (policy identifiers) that apply to the subject signed with the
  private key of the owner
n Example: If polices P1 and P2 apply to John (e.g. CS prof) and
  policy P6 applies to Jane (IST secretary), owner Joe sends
  John P1 and P2 and to Jane P6 signed with Joe’s private key
              Subject Policy Configuration
            <?xml version="1.0" encoding="UTF-8" ?>
            <SubjectPolicyConfiguration ID=“ProfessorCS" created="08-05-2002">

                                                             P1, P2

7/24/2013                                                                            13
Owner Publisher Interaction
n For each document the owner sends the publisher the following
    n   Information on which subjects can access which portions of the document
        according to the policy base (I.e. access control policies)
    n   Policy element which describes the policies for the document is also
    n   Also for each element e based on the policies applied to e, the owner
        inserts policy configuration (binary string) converted to hexadecimal
    n   Merkle Signature of each document
n The document together with the security information is called
  “Security Enhanced Document” (SE-XML) and will enable the subject
  to verify the authenticity of the document
n Additional information encoded in the document called Secure
  Structure is used by the subject to verify completeness of the result
                                                                          Where m is the
              Policy Configuration/Policy                                 number of
                                                                          policies applied
              Element                                                     on document d

            n Consider the element e of an XML document d
            n The policy configuration of e consists of a binary
              string, of m bits where the i-th bit is equal to:
               n 1 if the policies, whose identifier is i, is applied on e
               n 0 otherwise
            n SE-XML document has information about the set of the
              m policies applied to the document:
                n   <Policy> 1, 2, 3, 4, 5, 6, 7 </Policy>
                n   For each element, policy information in hexadecimal
                    representation is also inserted

7/24/2013                                                                                    15
        Policy Configuration: example
            n Consider the short-descr element of the CS dept:
               n The only policies applied to it are: 1st and 4th policy (i.e. P1, P4)
               n According to the Policy element, these policies are located in the first and
                 fourth position of the policy configuration

                The policy configuration associated with short-descr element is

                short-descr’s PC value is 90 (hexadecimal representation)

7/24/2013                                                                                       16
        Publisher Policy evaluation: example
            1.   Decrypt with the Public key of the Owner the policies
                 applied to the subject (i.e., the Subject Policy
                 P1, P2
            2.   Match the obtained policy identifiers with the identifiers
                 contained in the Policy element
                 i.e. match P1, P2 with P1, P2, P3, P4, P5, P6, P7
            3.   Find the policies applicable to the element specified in the
                 query (e.g., short description element)
                 P1, P4
            4.   Find the matching policies from steps 2 and 3

                            The only policies applied
                            on Short-descr element is

7/24/2013                                                                       17
            Security Enhanced XML document

                                XML Document

                        • Policy Information
                        • Merkle Signature

             SE-XML Document

7/24/2013                                      18
                     Merkle Signature Example

                                                                         Politic_page            Literary_page                          Sport_page

                                                                             Politic                 Article
                                                                                                                               news                  news
            Author     title
                                 paragraph           paragraph      topic Author                topic Author
                                                                                        title                    title
                                                                                                                         topic Author   title topic Author   title

                                                   Author        title
                               Author      title



7/24/2013                                                                                                                                                            19
                Merkle Signature Example

                                                                Politic_page             Literary_page                         Sport_page

                                                                    Politic                  Article
                                                                                                                      news                 news
            Author    title
                                paragraph        paragraph   topic Author               topic Author
                                                                               title                    title
                                                                                                                topic Author   title topic Author   title

                                               Author   title
                              Author   title

                                         MhX ()……||MhX()||…||MhX())

                                                                                       Merkle Signature
                     MhX(Newspaper)                                                    of Newspaper XML file
7/24/2013                                                                                                                                                   20
            Security Enhanced XML document:
             <?xml version="1.0" encoding="UTF-8"?>
             <Annual Report Year = 2003 Name = CS“ CG4g3D8/,mPVV/t+T2O1kZRFhdio=">
              <Policy>1,2,3,4,5,6,7 </Policy>
               <Asset Dept = “CS">
                <Expense Tot="...." PC_ATTR="08"/>
                 <Fund Funding Date=“6/1/03"    Type=“NSF" Amount="..." PC_ATTR="080808"/>
               <Asset Dept=“IST">
               <Expenses Tot="...." PC_ATTR="02"/>
                  <Fund Funding Date=“10/1/03" Type=“DoD" Amount="..." PC_ATTR="060602"/>
                  <Fund Funding Date=“4/1/03" Type=“CIA" Amount="..." PC_ATTR="060602"/>
             - - - - - - - - -
7/24/2013                                                                                    21
                     Secure Structure Example
      <?xml version="1.0" encoding="UTF-8"?>
      <x-82592553 x-4639474="rVR5DQ" x-67303774="QTQXS“ Sign="OD2mc9aVV/tP4g3TG+1kr4sFhdio=">
       <Policy>1,2,3,4,5,6,7 </Policy>
        <x-785490824 x-40276037="PlcZUo">
            <x-590292021 x-57205665="...." PC_ATTR="08"/>
            <x-1037159472    x-122584813="fNhtL"   x-0260379="hgKID" x-93640287="..." PC_ATTR="080808"/>
        <x-785490824 x-40276037="pKGEs">
        <x-590292021 x-57205665="...." PC_ATTR="02"/>
              <x-1037159472 x-122584813="gPd39" x-0260379="hgKID" x-93640287="..." PC_ATTR="060602"/>
              <x-1037159472 x-122584813="o4GpM" x-0260379="yr0QjJ" x-93640287="..." PC_ATTR="060602"/>

7/24/2013                                                                                               22
Subject Publisher Interaction
 n The subject submits queries to publisher; it also sends its
   subject policy configuration

 n Publisher computes a view of the requested documents based
   on access control policies for the subject set by the owner

 n To verify the authenticity of the answer, subject must recompute
   the same bottom up hash value signed by owner (i.e. Merkle
   signature) and compare it with the Merkle signature generated by
   the owner and inserted by the publisher

 n Subject may not get the entire document; therefore publisher
   sends to the subject additional hash values that refer to the
   missing portions of the document

 n Subject verifies the authenticity of the document
        Merkle Hash Paths
                           v                                        v                                          v

                               1                                         1                                          1

                       2                3                      2                 3                         2                3

            w                                                                                 w        w

                4          5                     7        4         5                     7        4           5                  7
                                    6                                        6                                          6

                           8                                        8                                          8                  9
                                                 9                                        9

                                                                                                       10          11        12       13
                     10        11           12       13       10        11           12       13

                                                                                                       14          15        16       17
                     14        15           16       17       14        15           16       17

                    MhPath(4,1)                                    MhPath(7,1)                             MhPath(5,1)

7/24/2013                                                                                                                                  24
                     Completeness Verification
            <?xml version="1.0" encoding="UTF-8"?>
            <x-82592553 x-4639474="rVR5DQ"
             <Policy>1,2,3,4,5,6,7 </Policy>
                                                          Verify authenticity and integrity of ST
             <x-1915689488>                                by using the Merkle Signature
              <x-785490824 x-40276037="PlcZUo">
                                                          Verify the completness
               <x-590292021 x-57205665="...." PC_ATTR="08"/>
                                                          • Translate the submitted query
                <x-1037159472   x-122584813="fNhtL"
            x-0260379="hgKID" x-93640287="..."        //x-785490824[@x-40276037=`pKGEs']/ x-13947931/*
               </x-13947931>                              •    Evaluate the obtained query on the
                                                               secure structure
              <x-785490824 x-40276037="pKGEs">
              <x-590292021 x-57205665="...." PC_ATTR="02"/>
                                                               Check the policy configuration
                <x-13947931>                              •    Hash the result answer received by
                 <x-1037159472 x-122584813="gPd39"
                                                               the Publisher
            x-0260379="hgKID" x-93640287="..."
            PC_ATTR="060602"/>                            •    Match it with the obtained node-set.
                 <x-1037159472 x-122584813="o4GpM"
            x-0260379="yr0QjJ" x-93640287="..."
7/24/2013    </x-1915689488>                                                                             25
Applications to Digital Forensics
  n   Owner is the FBI person who collects the forensics
  n   Publisher is the FBI web site that may be hacked (e.g.,
      CENTCOM was hacked recently – 60 minutes CBS Nov 8, 2009)
  n   Subject is an FBI agent located anywhere in the US or in the
  n   Digital evidence represented as an XML document (XML is now
      used for digital evidence)
  n   Not all agents have access to all evidence
  n   Policies set by owner will specify who has access to what
Related Work and Directions on XML
n Related Work
    n University of CA, Davis (started with relational databases and
      extended to XML)
n Directions
   n Keep up with security as XML specifications evolve
   n How can we integrate confidentiality with authenticity and
      completeness without trusting the publisher?
   n Secure RDF models
         n   Paper submitted to DEXA WebS Workshop
    n   Temporal access control models for XML documents
    n   Secure information interoperability
    n   Secure semantic web
         n   Computer Standards and Interface Journal, March 2005

     Bhavani Thuraisingham

       November 11, 2009
Reply Document Generation
n Reply Generator Algorithm
      n   Input: SE-XML version of XML document d; A query q on d
          submitted by s; the policy configuration of s
      n   Output: Reply document r

n Evaluate q on d and return a well-formed XML document containing
    all and only the nodes satisfying q
n   Determine which access control policies apply to each node
    satisfying q
n   Remove from node-set the nodes that s is not authorized to see
    based on information in SE-XML for d
n    All the attributes in the resulting document are replaced with an
    AtteibuteElement element
n   An additional attribute called MhPath is inserted in each node to be
    returned to s
n   Insert Merkle signature of d
n   Rebuild document by taking the set of nodes returned from the
    above steps and transform into a well-formed document
Example Reply Document
n Reply document generated by Publisher to an IST Professor
 who requests all the patents of CS department
   n   MhPath attribute associated with Short-descr contains all the hash
       values needed to computer the Merkle has value of Patent starting from


                  MhPath                              Authors

       MhPath                                           MhPath
Authentication: Authenticable Element
n Document d = (Vd, vd, Ed, Fed) is defined as follows: Vd is the set of
  all element nodes and attribute nodes in d, vd is the node
  representing the document element called the document root, Ed is
  the set of edges in d, and FEd is the edge labeling function

n Definition 1: Let d = (Vd, vd, Ed, FEd) be an XML document, let g =
  (Vg, vg, Eg, FEg) be the SE-XML version of d, and r = (Vr, vr, Er, FEr)
  be the reply document to a query on d submitted by s. Let VT be the
  set of terminal nodes of r. Let Vr,e be the set of element nodes in the
  reply document r. For each v in Vr, e, v is authenticable by s iff. there
  exists vt in VT with v in path(vt) such that it is possible through a
  recursive bottom up computation to compute the Merkle hash value
  of vd using only the values in {w.MhPath: w is in path(vt)}

n Theorem 1: Let g = (Vg, vg, Eg, FEg) be the SE-XML version of an
  XML document d and r = (Vr, vr, Er, FEr) be the reply document
  corresponding to a query submitted on d by subject s. Each node in
  Vr,e is authenticable by s

n Proof of Theorem is by Induction on the length of the relative path of
  w with respect to v where v is in VT, w is in Vd and v is in path(w)
 Subject Verification Algorithm
n Subject Verification Algorithm:
  Input: Reply document r = (Vr, vr, Er, FEr)
  Output = True if all nodes in r are authentic. False otherwise

n Starting from each terminal node in the reply document, the
  algorithm recomputes the Merkle hash value of the root of document
  d through a bottom-up computation that uses the values of
  attributes MhPath of each node belonging to the path connecting the
  terminal node to the root of the reply document
n The obtained value is compared with the decryption of the Merkle
  Signature of d using the Owner’s public key
n If the two values coincide then all the nodes belonging to the path
  are authentic, otherwise the algorithm terminates and returns false
 Authentication:Authentic Element
n Definition 2:
  Let g = (Vg, vg, Eg, FEg) be the SE-XML version of d, and r = (Vr, vr, Er, FEr)
  be the reply document to a query on d submitted by s. Each node v in Vr, e is
  authentic iff. V is authenticable by s and the computed Merkle has value of vd
  is equal to the decryption of Sign.val using the Owner public key

n Theorem 2:
    n Let s be a subject, q be a query submitted by s, and r be the reply
      document received by s as an answer to q.
    n Subject verification algorithm returns True iff. Each v in Vr,e is authentic
      where Vr,e is the set of element nodes in the reply document r

n Proof:
    n   By theorem 1 all nodes of a reply document correspond to elements are
        authenticable by s. Therefore bt definitions 1 and 2, there exists for each
        vt in VT a recursive bottom-up computation able to compute Merkle hash
        value of the root of the document d using only the values of MhPath
        attributes of all nodes belonging to path (vt), and this value coincides
        with the decryption of the value of the Sign attribute with the Owner
        public key
    n   The proof is to show that this recursive bottom-up computation is
        implemented by the Subject Verification Algorithms
Potential Attacks and Performance Issues
n Attacks
   n Subject attacks
       n Subject Si eavesdropping during subscription phase of
         subject Sm
       n Subject attacking the secure structure and deducing
         sensitive attributes
   n Publisher attacks
       n Publisher changes the Sign element in SE-XML

n Performance Issues
   n Update management
       n Modification of document implies changes to Merkle hash
         and SE-XML document
   n Storage complexity of security information
       n E.g, SE-XML and Secure Structure
Challenge: Integrating Confidentiality and
n Currently the portion of the Publisher that actually enforces
  the access control policy must be trusted
   n I.e. Trust with respect to Confidentiality
n Challenge: How can we come up with a unified approach
  that ensures Confidentiality, Authenticity and
   n Directions: Apply access control policies to portions of
     the document and encrypt the views computers; only
     those authorized to see the views have the keys for
   n Querying encrypted databases
Application: Secure Web Services
n How authenticity, confidentiality and integrity can be
  ensured in the presence of an untrusted UDDI?
n Traditional techniques are not enough!
n Possible solutions:
   n   Integrity, confidentiality: selective encryption of the data
       managed by the UDDI according to the specified access
       control policies
   n   Authenticity: Merkle hash trees
n Additional security properties:
   n   Completeness
   n   Consistency
      ….traditional digital signatures do not fit well in
                 third-party architectures!!

            Query                                              BusinessService

                                  UDDI   PublisherAssertion


  Service                                       Service
 requestor                                      provider

7/24/2013                                                                                           37
        Merkle Signature
       • An alternative way to sign an XML doc

       • By applying a unique digital
       signature on an XML doc                     BusinessEntity

       it is possible to ensure the                                                       tModel

       authenticity of:                                       BusinessService


            • the whole document
            • any portion of it

       • It uses a different way to compute the digest of XML
       docs, based on the Merkle tree authentication
7/24/2013                                                                                          38

To top