Safe Data Sharing and Data Dissemination on Smart Devices

The erosion of trust put in traditional database servers, the growing interest for different forms of data dissemination and the concern for protecting children from suspicious Internet content are different factors that lead to move the access control from servers to clients. Several encryption schemes can be used to serve this purpose but all suffer from a static way of sharing data. In a precedent paper, we devised smarter client-based access control managers exploiting hardware security elements on client devices. The goal pursued is being able to evaluate dynamic and personalized access control rules on a ciphered XML input document, with the benefit of dissociating access rights from encryption. In this demonstration, we validate our solution using a real smart card platform and explain how we deal with the constraints usually met on hardware security elements (small memory and low throughput). Finally, we illustrate the generality of the approach and the easiness of its deployment through two different applications: a collaborative application and a parental control application on video streams

An Access Control Model for Tree Data Structure

International audienceTrees are very often used to structure data. For instance, file systems are structured into trees and XML documents can be represented by trees. There are literally as many access control schemes as there are tree data structures. Consequently, an access control model which has been defined for a particular kind of tree cannot be easily adapted to another kind of tree. In this paper, we propose an access control model for generic tree data structures. This model can then be applied to any specific typed tree data structure

Fairness concerns in digital right management models

International audienceDigital piracy is threatening the global multimedia content industry and blindly applied coercive Digital Right Management (DRM) policies do nothing but legitimise this piracy. This paper presents new software and hardware infrastructure aimed at reconciling the content providers' and consumers' points of view by giving the ability to develop fair business models (i.e., that preserve the interest of both parties). The solution is based on the use of tamper-resistant devices (smart cards) to securely store sensitive data (e.g., personal consumer data or data expressing the terms of a B2C contract or licence) and to perform the computation required by a contract/licence activation. In other words, smart cards can be seen as tamper-resistant Service Level Agreement (SLA) enablers

An authorization model for XML databases

Université de Pau et des Pays de l’Adou

A general approach to securely querying XML

Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user views on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML dataset. The aim of this paper is to describe a model combining the advantages of these approaches and overcoming their limitations. The model specification is given using a Finite State Automata, ensuring generality and easiness of standardization w.r.t. specific implementation techniques