Tamper-Resistant Ubiquitous Data Management

Luc Bouganim 1, 2 François Dang Ngoc 1 Philippe Pucheral 1, 2
1 SMIS - Secured and Mobile Information Systems
PRISM - Parallélisme, Réseaux, Systèmes, Modélisation, UVSQ - Université de Versailles Saint-Quentin-en-Yvelines, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR8144
Abstract : Chip-Secured XML Access (C-SXA) is a versatile and tamper-resistant XML-based Access Right Controller embedded in a smart card. C-SXA can be used either to protect the privacy of onboard personal data or to control the flow of data extracted from an external source. Tamperresistance is inherited from the smart card for on-board data or achieved using cryptographic techniques for external data. C-SXA can provide different views of the same on-board or external data depending on the user or application accessing them. Moreover, access control on external data can benefit from on-board storage to enforce powerful, context dependant access control policies. These two features allow C-SXA to address a wide range of applications such as secure portable folders, data sharing among a community of users, parental control and Digital Right Management, in a more secure and accurate way than existing technologies. This work relates the C-SXA experience. We first motivate the interest of the approach and describe different usage scenarios. We then present the internals of C-SXA and show how they tackle the smart card's hardware limitations. Finally, we demonstrate its viability showing how our smart card engine can be integrated in a distributed architecture including the smart card, the server and the user terminal, making the complete chain from the user to the data secure
Type de document :
Article dans une revue
International Journal of Computer Systems Science and Engineering, CRL Publishing, 2005, 20 (2)
Liste complète des métadonnées

Littérature citée [26 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/inria-00316020
Contributeur : Elisabeth Baque <>
Soumis le : mardi 2 septembre 2008 - 13:14:38
Dernière modification le : vendredi 25 mai 2018 - 12:02:04
Document(s) archivé(s) le : jeudi 3 juin 2010 - 19:21:50

Fichier

BDP05a.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : inria-00316020, version 1

Collections

Citation

Luc Bouganim, François Dang Ngoc, Philippe Pucheral. Tamper-Resistant Ubiquitous Data Management. International Journal of Computer Systems Science and Engineering, CRL Publishing, 2005, 20 (2). 〈inria-00316020〉

Partager

Métriques

Consultations de la notice

234

Téléchargements de fichiers

228