Sticky policy enabled authenticated OOXML

Spyra, Grzegorz; Buchanan, William J.; Ekonomou, Elias

doi:10.1109/sai.2016.7556117

Cited by 2 publications

(4 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…AES 256). compared to 3072 and 4096 RSA operations applied to pseudo random AES 256 key [10] Results show (see Fig. 5) that RSA with key size 4096 requires more time than Pairing Based Cryptography, i.e.…”

Section: Discussionmentioning

confidence: 99%

“…6. DAC Policy (tp) and Sticky-Policy (ts) DB queries response time [10] Finally the last OOXML and XACML evaluation using explicit relationship and master document model [11] from WordprocessingML subclause shown that described here granular access control method can be used to control access to sub-documents. Whereas policy access response denied resource Write access model added Read-Only attribute to master document what was represented as a padlock on the document outline (see Fig.…”

Section: Discussionmentioning

confidence: 99%

“…Sticky-policy integrity can also be checked under Authenticated Identity-Based Encryption [10] scheme albeit it requires policy private key to be leased by the Trust Authority (TA) during initial encryption.…”

Section: Sticky Policies Ibe Authenticitymentioning

confidence: 99%

See 2 more Smart Citations

Protecting documents with sticky policies and identity-based encryption

Spyra

Buchanan

2016

2016 Future Technologies Conference (FTC)

Self Cite

View full text Add to dashboard Cite

Documents are increasingly being held in public cloud-based systems, and there thus increasingly exposed to accesses from malicious entities. This paper focuses on the integration of sticky policies that are embedded into OOXML (Open Office XML) protecting each of the elements of a data package. Along with this it combines with Identity-Based Encryption (IBE) to securely attach the sticky policy onto data.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Protecting documents with sticky policies and identity-based encryption

Spyra

Buchanan

2016

2016 Future Technologies Conference (FTC)

Self Cite

View full text Add to dashboard Cite

show abstract

“…For example, [43] uses Identity-Base Encryption scheme to encrypt cloud-stored artifacts with their own lifecycle as public key. In addition to ensure data confidentiality, it prevents the lifecycle to be tampered as the unchanged private key would not be able to decipher the resulting artifact.…”

Section: Cryptographic Approachesmentioning

confidence: 99%

Decentralized enforcement of document lifecycle constraints

Hallé

Khoury

Betti

et al. 2018

Information Systems

View full text Add to dashboard Cite

Artifact-centric workflows describe possible executions of a business process through constraints expressed from the point of view of the documents exchanged between principals. A sequence of manipulations is deemed valid as long as every document in the workflow follows its prescribed lifecycle at all steps of the process. So far, establishing that a given workflow complies with artifact lifecycles has mostly been done through static verification, or by assuming a centralized access to all artifacts where these constraints can be monitored and enforced. We present in this paper an alternate method of enforcing document lifecycles that requires neither static verification nor single-point access. Rather, the document itself is designed to carry fragments of its history, protected from tampering using hashing and public-key encryption. Any principal involved in the process can verify at any time that the history of a document complies with a given lifecycle. Moreover, the proposed system also enforces access permissions: not all actions are visible to all principals, and one can only modify and verify what one is allowed to observe. These concepts have been implemented in a software library called Artichoke, and empirically tested for performance and scalability.

show abstract

Sticky policy enabled authenticated OOXML

Cited by 2 publications

References 16 publications

Protecting documents with sticky policies and identity-based encryption

Protecting documents with sticky policies and identity-based encryption

Decentralized enforcement of document lifecycle constraints

Contact Info

Product

Resources

About