Information exchange via XML documents is a rapidly growing technology. However, to date, complex constraints of trust and confidentiality often prohibit the dissemination of data. Data that could safely be disseminated to others remains hidden behind firewalls. This project aims at producing lightweight tools that allows publication and dissemination of data while at the same time controlling how data is accessed. New data management techniques are developed that use cryptographic primitives in order to enforce access control policies in published XML documents. In cryptographically enforced access control, the data owner publishes a single data instance, which is partially encrypted, and which enforces all access control policies. The project develops a declarative language for access policies, based on XQuery, and a method for applying these policies to an XML data instance to produce a single, multiply-encrypted XML view. This view can then be published by the data owner on the Internet, and everyone can freely download and disseminate it. The crucial aspect is that only users having the right keys can access encrypted parts of the XML document. Different users holding different set of keys will have access to different parts of the document. The project also develops an XQuery interpreter to enable authorized users, holding the right keys, to execute queries on the encrypted view. The interpreter decrypts data on the fly, and only that data required to answer the query. A novel kind of data model, called protection tree, is developed which captures how various keys protect different parts of the XML data. The protection tree is central to the proposed approach: once the security policies are applied to the XML data instance, they produce a protection tree; and the data model that forms the input to the user queries is also modeled as a protection tree. The results of this research will be applicable to providing secure access to XML documents. The project Web site (www.cs.washington.edu/homes/pjallen/cryptography.html) will be used for free dissemination of results; specifically, a policy query evaluator (which produces the encrypted view), a decrypting XQuery interpreter (which is used to query the encrypted view), and a consistency checker. This project will also provide educational and research experience in the Cyber Trust area.
