A secure publishing service for digital libraries of XML documents

Abstract

Secure publication over the Internet of XML data is becoming a crucial need as XML is rapidly becoming a standard for document representation and exchange over theWeb. Publishing services must have a mechanism that ensures that a user receives all and only those portions of information he/she is entitled to access (for instance those for which the user has paid a subscription fee). Furthermore, such a mechanism must ensure that these contents are not eavesdropped during their transmission from the publishing service to the user. In this paper, we propose an architecture for secure publishing of XML documents. Distinguishing features of our proposal is the flexibility the publishing service offers both in terms of the way users can select the contents they are interested in and in the way the contents are delivered to users. Secure content delivery to users is obtained through the use of different encryption schemes, which ensure that only subscribed users can access the contents managed by the publishing service. In the paper, we first present an overall view of the proposed approach. We then introduce the components of the architecture and the encryption schemes we have developed. Finally, we present algorithms for information delivery to users.