A Structure Preserving Approach for Securing XML Documents

Page 1: A Structure Preserving Approach for Securing XML Documents

TrustCol-2007
The Department of Computer Science, Purdue University
Mohamed Nabeel
[email protected]

Page 2: Outline

• Introduction and Basic Concepts
• Annotation and Encoding Scheme
• Enforcing and Verifying Security Requirements
• Experimental Results
• Conclusion and Future Work

Page 3: Secure Sharing

• Hierarchical Data such as XML
• Correct Data
• Access Control

[Figure: a document tree rooted at A with children B, C and D and descendants E through L; Bob's view contains B with E, F, K and L, Alice's view contains D with I and J]

Page 4: Secure Sharing – Access Control

[Figure: the full document tree (A; B, C, D; E through L) → Apply Access Control Policy → Bob's view, which contains only B with E, F, K and L]

Page 5: Secure Sharing – Correct Data

[Figure: the full document tree; the copy Eve forwards to Bob has the values F and K replaced by X and Y (Eve has modified the values) and elements missing (Eve has dropped elements), whereas Bob expects B with E, F, K and L]

Page 6: Why Preserving Structure

• Partial access to secured documents
• Applying content filters
• Querying secured documents

Late Processing → High Scalability

Page 7: Message Level Security

• P2P vs. E2E
– Transport level security (HTTPS, IPSec, etc.) is sufficient to provide P2P security
– But E2E requires more than TLS
– We need message level security

[Figure: Source → Intermediary → Destination; P2P security covers each hop separately, E2E security spans from source to destination]

Page 8: Typical Distributed Setting

• Three-tier architecture

[Figure: Document Source(s) → Intermediaries → Clients]

Scalable Systems → Message Level Security

Page 9: XML Node Orderings

• Two types of ordering
1. Hierarchical ordering
2. Sibling ordering
• What orderings are significant?
• What is the relationship between them?
• How do schema validation tools treat these orderings?

Page 10: XML Node Orderings

• Is Hierarchical ordering significant?
– Yes, it is!
• Is Sibling ordering significant?
– Depends on the application

Two orderings → Two-level structural integrity

Page 11: XML Node Orderings

<Review>
  <p>Einstein is a <b>genius</b>; <b>ordinary</b> people may not understand his work.</p>
</Review>

XSLT output: Einstein is a genius; ordinary people may not understand his work.

<Review>
  <p>Einstein is a <b>ordinary</b>; <b>genius</b> people may not understand his work.</p>
</Review>

XSLT output: Einstein is a ordinary; genius people may not understand his work.

Sibling ordering in document-centric applications is significant

Page 12: XML Node Orderings

<person>
  <firstname>nabeel</firstname>
  <country>sri lanka</country>
  <major>cs</major>
</person>

<person>
  <country>sri lanka</country>
  <firstname>nabeel</firstname>
  <major>cs</major>
</person>

person table:

firstname | country   | major
nabeel    | sri lanka | cs

Class Person {
  String firstname;
  String country;
  String major;
};

Sibling ordering in data-centric applications may not be significant

Page 13: Information Leakage

[Figure: three versions of the same document tree labelled Direct Leakage, Indirect Leakage and No Leakage; parts of the tree are protected under Key K1 and Key K2, and Bob only knows K1, so in the last version he sees only B with E, F, K and L]

Hiding the existence → No Information Leakage

Page 14: One Example

• Delta-publishing

[Figure: First Message at t1, Second Message at t2, and the Delta-Message at t2 that carries only the difference]

The smallest unit of change: An Element

Page 15: Our Approach

• Recognize two-level ordering
• Provide E2E security for hierarchical data
• Reason about security at the smallest possible change
• Minimal indirect information leakage

Page 16: Next

• Introduction and Basic Concepts
• Annotation and Encoding Scheme
• Enforcing and Verifying Security Requirements
• Experimental Results
• Conclusion and Future Work

Page 17: XML Document

• A Graph G = {V, v, E, f, g}
– V = Ve ∪ Va ∪ Vr where Ve = {x | x is an element}, Va = {x | x is an attribute}, Vr = {x | x is a node not in Ve ∪ Va}
– v = document root
– E = Ee ∪ Ea ∪ Er where Ee = {e | e is an edge representing an element-element connection or a link}, Ea = {e | e is an edge representing an element-attribute connection}, Er = {e | e is an edge not in Ee ∪ Ea but starts from an element}
– f: E → L where L = {l | l is a node name or an attribute name or a pre-defined label}; f is called the labeling function
– g: (Ve, i) → Ver where g returns the ith child of Ve, Ver = Ve ∪ Vr

Page 18: XML Document

• Example

<?xml version="1.0" encoding="UTF-8" ?>
<quote type="bid">
  <market>NY</market>
  <price cur="USD" size="5m">750</price>
</quote>

[Figure: the graph of this document: v → quote; quote → market, price; quote carries the attribute type = bid; price carries the attributes cur = USD and size = 5m; market has the text NY and price the text 750]

Circles – elements
Squares – attributes
Ellipse – other

Page 19: Properties of the Annotation Scheme

• Two independent annotation schemes for
– Hierarchical ordering and
– Sibling ordering
• Time complexity = O(height of the XML DOM tree)
• Provides the flexibility to incrementally annotate

Page 20: Concurrent Visitor Pattern

Page 21: Hierarchical Ordering

• Should be able to unambiguously identify parent-child relationships
• Annotate each element with its parent HID
• Element HIDs need not be unique
• Example: using XPath as HIDs
– Element x is the parent of y
– Annotate y with h(XPx || name of y), where h is a collision-resistant hash function and XPx is the XPath of x

XPath sequence numbers are not used, to prevent indirect information leakage.

Page 22: Sibling Ordering

• Maintain the following condition
– Given that elements x and y are siblings and x is to the left of y, seqx < seqy, where seqx and seqy are secure random numbers assigned to x and y respectively.

Secure random numbers make inferring about hidden elements difficult, thus preventing indirect information leakage.

Page 23: Encoding Scheme

[Figure: the quote document drawn twice: on the left "Elements and non-elements" (v, quote, market, price with the attribute nodes type, cur, size and the text nodes NY and 750 as separate vertices), on the right "Only elements" (the text has become a content attribute of its element)]

High reduction in |V| and |E| for document-centric applications.

Page 24: Encoding Scheme

• New Graph G' = {V', v, E', f', g'}
• V' = V ∪ {x | x is an attribute for ID, seq or content} − Vr
• E' = E ∪ {e | e is an attribute-element edge for ID, seq or content} − Er
• f': V' → L' where L' = L ∪ {ID, seq, content}
• g': (Ve, i) → Ve where Ve consists only of elements
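The following is an added example, not the library presented in these slides: it carries the graph model of slide 17, the hierarchical and sibling annotations of slides 21 and 22 and the encoding of slides 23 and 24 through on the quote document of slide 18. Assumptions that the slides do not fix: SHA-256 as the collision-resistant hash h, "|" as the concatenation separator, the attribute names ID, seq and content, the document root v written as the XPath "/", and Python's secrets module as the source of the secure random seq values.

```python
"""Encoding and annotation along the lines of slides 17-24 (added example)."""
import copy
import hashlib
import secrets
import xml.etree.ElementTree as ET

# Constructed sample: the quote document of slide 18 (size quoted so it is
# well-formed XML).
SAMPLE = ('<quote type="bid">'
          '<market>NY</market>'
          '<price cur="USD" size="5m">750</price>'
          '</quote>')

ANNOTATION_ATTRS = ("ID", "seq", "content")   # attribute names are assumed


def h(data):
    """The collision-resistant hash h; SHA-256 is an assumption."""
    return hashlib.sha256(data.encode("utf-8")).hexdigest()


def xpath_no_index(path):
    """XPath of an element from names only (/quote/price, never
    /quote[1]/price[1]): slide 21 leaves sequence numbers out so an ID does
    not reveal how many hidden siblings precede an element. The document
    root v is the empty path, written as '/'."""
    return "/" + "/".join(el.tag for el in path)


def graph_sizes(root):
    """|V| and |E| of G (slide 17) for elements, attributes and text nodes
    (the document root v is not counted), next to the element-only graph
    that g' walks after encoding (slides 23-24)."""
    ve = va = vr = 0
    for el in root.iter():
        ve += 1
        va += sum(1 for k in el.attrib if k not in ANNOTATION_ATTRS)
        if el.text and el.text.strip():
            vr += 1
    # Every vertex except the root element has exactly one incoming edge.
    return {"V": ve + va + vr, "E": (ve - 1) + va + vr,
            "V_elements_only": ve, "E_elements_only": ve - 1}


def encode(root):
    """Build G' of slide 24 in place: text nodes Vr become a 'content'
    attribute, every element gets ID = h(XPath(parent) || name) (slide 21),
    siblings get strictly increasing secure random seq values (slide 22)."""
    root.set("ID", h(xpath_no_index([]) + "|" + root.tag))

    def walk(el, path):
        if el.text and el.text.strip():
            el.set("content", el.text.strip())
            el.text = None
        # Two <price> children of one <quote> would share an ID; slide 21
        # allows that (IDs need not be unique).
        for child in el:
            child.set("ID", h(xpath_no_index(path) + "|" + child.tag))
        # One random number per child, handed out in sorted order: the gap
        # between two neighbours says nothing about how many siblings were
        # removed from a partial view.
        seqs = set()
        while len(seqs) < len(el):
            seqs.add(secrets.randbelow(2 ** 62))
        for child, seq in zip(el, sorted(seqs)):
            child.set("seq", str(seq))
            walk(child, path + [child])

    walk(root, [root])
    return root


def verify_hierarchy(root):
    """Hierarchical integrity: recompute every ID from the element's actual
    parent; returns the tags of elements whose parent has changed."""
    bad = [] if root.get("ID") == h(xpath_no_index([]) + "|" + root.tag) else [root.tag]

    def walk(el, path):
        for child in el:
            if child.get("ID") != h(xpath_no_index(path) + "|" + child.tag):
                bad.append(child.tag)
            walk(child, path + [child])

    walk(root, [root])
    return bad


def verify_siblings(root):
    """Sibling integrity: seq must strictly increase from left to right
    under every parent; returns the tags of parents whose children are out
    of order."""
    bad = []
    for el in root.iter():
        seqs = [int(child.get("seq", "-1")) for child in el]
        if any(a >= b for a, b in zip(seqs, seqs[1:])):
            bad.append(el.tag)
    return bad


def demo():
    """Annotate the sample, then show what each check catches."""
    doc = ET.fromstring(SAMPLE)
    sizes = graph_sizes(doc)
    encode(doc)
    clean = (verify_hierarchy(doc), verify_siblings(doc))      # ([], [])
    swapped = copy.deepcopy(doc)        # the two children of <quote> exchanged
    market = swapped.find("market")
    swapped.remove(market)
    swapped.append(market)
    reordered = verify_siblings(swapped)                       # ['quote']
    moved = copy.deepcopy(doc)          # <market> moved underneath <price>
    market = moved.find("market")
    moved.remove(market)
    moved.find("price").append(market)
    reparented = verify_hierarchy(moved)                       # ['market']
    return sizes, clean, reordered, reparented


if __name__ == "__main__":
    print(demo())
```

Neither check notices a dropped element; completeness is a separate requirement on slide 27. The ID is an unkeyed hash that anyone can recompute, so on its own it catches structural damage rather than deliberate tampering; the latter needs the annotations bound to the signed or encrypted attributes of slides 26 to 28.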

Page 25: Next

• Introduction and Basic Concepts
• Annotation and Encoding Scheme
• Enforcing and Verifying Security Requirements
• Experimental Results
• Conclusion and Future Work

Page 26: Integrity

• Two types of integrity
– Structural integrity
– Content integrity
• Introduce a new attribute (signed)
• Attribute value = h(E.attrs || E.content)
– h – hash function
– E.attrs – concatenation of attribute name-value pairs of element E
– E.content – content of element E
• Merkle hash vs. Our approach

Page 27: Integrity

[Figure: the original tree (A; B, C, D; E through L) and four versions Bob might receive, showing Content Integrity violated (values replaced by X and Y), Sibling Integrity violated (siblings reordered), Hierarchical Integrity violated (elements under the wrong parent) and Completeness violated (elements dropped)]

Bob receives:
– Content Integrity is violated
– Sibling Integrity is violated
– Hierarchical Integrity is violated
– Completeness is violated
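An added example (not the presented library) for the per-element signed attribute of slide 26 and the "Merkle hash vs. Our approach" comparison: every element's value is computed from that element alone, so an update invalidates one value, whereas a Merkle hash that folds the children's digests into each node invalidates the whole path to the root. The sample order document, the canonical form of E.attrs || E.content (attributes in name order, ";" and "|" as separators), SHA-256 as h, and the keyed HMAC variant are all assumptions made here.

```python
"""Per-element signed attribute (slide 26) next to a Merkle-style hash."""
import copy
import hashlib
import hmac
import xml.etree.ElementTree as ET

SECURITY_ATTRS = ("signed", "encrypted")   # never part of E.attrs

# Constructed sample with some depth, so the cost of an update differs
# visibly between the two schemes.
SAMPLE = ('<order id="42">'
          '<customer><name>Alice</name></customer>'
          '<items><item sku="p1">pen</item><item sku="p2">ink</item></items>'
          '</order>')


def canon(el):
    """E.attrs || E.content: the element's own attribute name-value pairs in
    name order, then its text (separators are an assumption)."""
    attrs = ";".join(f"{k}={v}" for k, v in sorted(el.attrib.items())
                     if k not in SECURITY_ATTRS)
    return attrs + "|" + (el.text or "").strip()


def h(data, key=None):
    """h of slide 26: plain SHA-256 as written there, or HMAC-SHA256 when a
    key is supplied (see the note after the code)."""
    if key is None:
        return hashlib.sha256(data.encode("utf-8")).hexdigest()
    return hmac.new(key, data.encode("utf-8"), hashlib.sha256).hexdigest()


def sign_all(root, key=None):
    """Give every element a signed attribute computed from itself alone."""
    for el in root.iter():
        el.set("signed", h(canon(el), key))
    return root


def verify(root, key=None):
    """Content integrity, element by element (slide 29); returns the tags
    whose stored value no longer matches."""
    return [el.tag for el in root.iter()
            if not hmac.compare_digest(el.get("signed", ""), h(canon(el), key))]


def merkle(root, key=None):
    """Merkle hash for comparison: a node's digest covers its canonical form
    plus its children's digests. Digests are returned in post-order."""
    digests = []

    def walk(el):
        digest = h(canon(el) + "".join(walk(child) for child in el), key)
        digests.append(digest)
        return digest

    walk(root)
    return digests


def update_cost(root, new_text, key=None):
    """Change the last <item> and count the digests each scheme has to
    recompute: one element here, every ancestor for the Merkle hash."""
    changed = copy.deepcopy(root)
    changed.findall("items/item")[-1].text = new_text
    per_element = len(verify(changed, key))
    merkle_nodes = sum(a != b for a, b in zip(merkle(root, key), merkle(changed, key)))
    return per_element, merkle_nodes


def resign_stale(root, key=None):
    """After an authorised update, recompute only the elements that verify()
    reports; every other signed attribute is left untouched."""
    count = 0
    for el in root.iter():
        if el.get("signed") != h(canon(el), key):
            el.set("signed", h(canon(el), key))
            count += 1
    return count


def demo():
    root = sign_all(ET.fromstring(SAMPLE))
    clean = verify(root)                                    # []
    cost = update_cost(root, "toner")                       # (1, 3)
    tampered = copy.deepcopy(root)                          # altered in transit
    tampered.find("customer/name").text = "Mallory"
    flagged = verify(tampered)                              # ['name']
    # Keyed variant: a verifier holding a different key rejects every element.
    keyed = sign_all(ET.fromstring(SAMPLE), key=b"constructed-shared-secret")
    wrong_key = len(verify(keyed, key=b"constructed-other-key"))   # 6
    return clean, cost, flagged, wrong_key


if __name__ == "__main__":
    print(demo())
```

Slide 26 writes the value as a plain hash, which detects accidental corruption but can be recomputed by whoever changed the element; slide 28 calls the same value a digital signature, which is what a deployment needs: either the HMAC form above with a key the intermediaries do not hold, or a public-key signature over the per-element digest.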

Page 28: Confidentiality

• Content of each element is encrypted
• Introduce a new attribute (encrypted)
• Attribute value = keys(keyr || keyr(E.attrs || E.content || E.signed))
– keyr – a randomly generated key
– keys – shared key
– E.attrs – concatenation of attribute name-value pairs of element E
– E.content – content of element E
– E.signed – digital signature computed for E

Page 29: Verifying and Updating

• Each element can be verified independently
• Hierarchical and Sibling integrity can be verified independently
• Each element can be updated independently
• Structure can be updated without affecting the existing values

Page 30: Example: Updating

<?xml version="1.0" encoding="UTF-8" ?>
<quote type="bid">
  <market>NY</market>
  <price cur="USD" size="5m">765</price>
</quote>

[Figure: the document graph after annotation (v → quote → market, price); every element carries a signed and an encrypted attribute, values shown as X, and the <price> element whose content changed from 750 to 765 is highlighted]

Re-calculate signed and encrypted attributes only for this element
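An added example, not the presented library, for the encrypted attribute of slide 28 and the independent update of slides 29 and 30: each element's own attributes, content and signed value are encrypted under a fresh random keyr, and keyr together with that ciphertext is wrapped under the shared keys; changing the price from 750 to 765 recomputes signed and encrypted for that one element. Assumptions: the slides name no cipher, so a stand-in stream cipher built from HMAC-SHA256 in counter mode is used; E.attrs || E.content || E.signed is serialised as canonical JSON; keys are 32 bytes; ID, seq, signed and encrypted stay in the clear while the element's other attributes and text are removed once encrypted.

```python
"""Per-element confidentiality (slide 28) and independent update (slides
29-30); added example with a stand-in cipher."""
import base64
import hashlib
import hmac
import json
import secrets
import xml.etree.ElementTree as ET

PROTECTED_ATTRS = ("ID", "seq", "signed", "encrypted")   # stay in the clear

# Constructed sample: the quote document of slide 30 before the update.
SAMPLE = ('<quote type="bid"><market>NY</market>'
          '<price cur="USD" size="5m">750</price></quote>')


def signed_value(attrs, content):
    """h(E.attrs || E.content) of slide 26 over a canonical JSON form."""
    blob = json.dumps({"attrs": attrs, "content": content}, sort_keys=True)
    return hashlib.sha256(blob.encode("utf-8")).hexdigest()


def keystream(key, nonce, n):
    """HMAC-SHA256 in counter mode: a stand-in for the cipher the slides do
    not name. It is not an AEAD; a deployment would use AES-GCM or similar."""
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def enc(key, plaintext):
    nonce = secrets.token_bytes(16)
    return nonce + bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))


def dec(key, blob):
    nonce, body = blob[:16], blob[16:]
    return bytes(a ^ b for a, b in zip(body, keystream(key, nonce, len(body))))


def protect(el, shared_key):
    """encrypted = keys(keyr || keyr(E.attrs || E.content || E.signed)) with a
    fresh keyr per element; the plaintext then leaves the element."""
    attrs = {k: v for k, v in el.attrib.items() if k not in PROTECTED_ATTRS}
    content = (el.text or "").strip()
    el.set("signed", signed_value(attrs, content))
    payload = json.dumps({"attrs": attrs, "content": content,
                          "signed": el.get("signed")}, sort_keys=True).encode("utf-8")
    key_r = secrets.token_bytes(32)
    outer = enc(shared_key, key_r + enc(key_r, payload))
    el.set("encrypted", base64.b64encode(outer).decode("ascii"))
    for k in attrs:
        del el.attrib[k]
    el.text = None
    return el


def open_element(el, shared_key):
    """Unwrap one element on its own and check its content integrity;
    returns (attrs, content)."""
    try:
        outer = dec(shared_key, base64.b64decode(el.get("encrypted")))
        key_r, inner = outer[:32], outer[32:]
        payload = json.loads(dec(key_r, inner).decode("utf-8"))
        expected = signed_value(payload["attrs"], payload["content"])
    except (ValueError, KeyError, TypeError) as exc:   # wrong key or damaged data
        raise ValueError(f"cannot open <{el.tag}>") from exc
    if not (hmac.compare_digest(payload["signed"], expected)
            and hmac.compare_digest(el.get("signed", ""), expected)):
        raise ValueError(f"content integrity violated for <{el.tag}>")
    return payload["attrs"], payload["content"]


def update(root, path, new_content, shared_key):
    """Slide 30: change one element's content and recompute signed and
    encrypted for that element only. Returns how many elements' encrypted
    attribute changed."""
    before = [e.get("encrypted") for e in root.iter()]
    el = root.find(path)
    attrs, _ = open_element(el, shared_key)
    el.attrib.update(attrs)
    el.text = new_content
    protect(el, shared_key)
    after = [e.get("encrypted") for e in root.iter()]
    return sum(a != b for a, b in zip(before, after))


def demo():
    shared_key = secrets.token_bytes(32)       # constructed shared key
    doc = ET.fromstring(SAMPLE)
    for el in doc.iter():
        protect(el, shared_key)
    price = doc.find("price")
    hidden = price.text is None and "cur" not in price.attrib        # True
    attrs, content = open_element(price, shared_key)   # ({'cur': 'USD', 'size': '5m'}, '750')
    try:
        open_element(price, secrets.token_bytes(32))
        rejected = False
    except ValueError:
        rejected = True                                                # True
    changed = update(doc, "price", "765", shared_key)                  # 1
    _, new_content = open_element(doc.find("price"), shared_key)       # '765'
    return hidden, attrs, content, rejected, changed, new_content


if __name__ == "__main__":
    print(demo())
```

Slide 30 keeps the signed attribute visible beside the ciphertext; with an unkeyed hash that lets anyone confirm a guess of low-entropy content such as a price, so a keyed or signed value is the safer choice there too.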

Page 31: Next

• Introduction and Basic Concepts
• Annotation and Encoding Scheme
• Enforcing and Verifying Security Requirements
• Experimental Results
• Conclusion and Future Work

Page 32: Global vs. Local Annotation

[Chart: Time taken to annotate (ms), y-axis 0 to 400, against Number of Elements in the XML document (in 500), x-axis 1 to 8; series: Local Annotation, Global Annotation]

Page 33: Updating XML Document

[Chart: Time taken (ms), y-axis 0 to 800, against Percentage of the Document Updated, x-axis 1 to 5; series: Our Scheme, W3C Scheme]

Page 34: Division of Labor

[Chart: Time Taken, y-axis 0 to 45000, against Number of Elements in the XML Document (in 500), x-axis 1 to 8; series: encoding, signing, encrypting]

Page 35: Outline

• Introduction and Basic Concepts
• Annotation and Encoding Scheme
• Enforcing and Verifying Security Requirements
• Implementation and Experimental Results
• Conclusion and Future Work

Page 36: Conclusion and Future Work

• We presented an interesting approach to secure XML documents while preserving the structure
• We plan to extend the work presented to
– Explore ways to reduce the signing time
– Explore possible hybrid combinations of our approach and the standard approach
• We are planning to publish the library under ASF license

Page 37: Questions

Page 38: Thank You!

Page 39: Merkle Hash

Page 40: Visitor Pattern

Page 41: W3C Digital Signature