We present a flexible approach for achieving user-controlled privacy and integrity of documents that are collaboratively authored within web-based document-editing applications. In this setting, the goal is to provide security without modifying the web application's client-side or server-side components. Instead, communication between both components is transparently intercepted and processed (if necessary) by means of a local proxy or browser plugin. We improve upon existing solutions by securely preserving real-time collaboration for encrypted documents and facilitating self-containment of the metadata (an overhead of encryption) within the same document. An architectural generalization is also presented that permits generic transformations and fine-grained access control. Security is assessed with respect to several threat models, and performance is evaluated alongside other approaches. © 2012 Springer-Verlag.
CITATION STYLE
Clear, M., Reid, K., Ennis, D., Hughes, A., & Tewari, H. (2012). Collaboration-preserving authenticated encryption for operational transformation systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 7483 LNCS, pp. 204–223). https://doi.org/10.1007/978-3-642-33383-5_13
Mendeley helps you to discover research relevant for your work.