CAUTIS Bogdan
Doctorate
Team: Intelligence Artificielle et Systèmes d'Inférence
Signing and reasoning about tree updates
Started on 01/01/1970
Supervisor: ABITEBOUL, Serge
Doctoral school: ED STIC 580
Institution of enrollment: INRIA
Location:
Defended on 01/09/2005 before a jury composed of:
Talel Abdessalem (examiner), Professor, ENST Paris;
Serge Abiteboul (thesis supervisor), Research Director, INRIA Futurs;
Nicole Bidoit (examiner), Professor, Université Paris-Sud 11;
Luc Bouganim (reviewer), Research Director, INRIA Rocquencourt;
Research activities:
- XML
Abstract:
The purpose of this thesis is to address some of the security issues that are raised in distributed XML data management, with a focus on integrity in data exchange.
We first address the need to allow pre-defined modifications for sensitive exchanged data, by considering two models for expressing fine-grained update restrictions on XML data, namely +/- Annotated Trees and XML Update Constraints. To enforce these models, we investigate cryptographic mechanisms by which some modifications may still occur, without causing the invalidation of the data. In order to support rich restrictions without disclosing the history of updates, we devise a first homomorphic digital signature scheme for insert-only collections.
As a direct application of homomorphic signatures, we then consider a setting in which parties exchange modifiable queries. More precisely, we take a first step towards enabling distributed access control, when policies and their enforcement are not handled by the actual data sources, being (partially) delegated to third parties. Our approach relies on a flexible mechanism for signing queries, which allows their rewriting into authorized forms.
In the second part of this thesis, the focus shifts from integrity enforcement to reasoning about integrity properties and the dynamic nature of published or exchanged XML data. More precisely, we study implication problems for the XML Update Constraints formalism, which describes in terms of XPath queries how an XML document can evolve. Besides classical constraint implication, we study instance-based implication, with respect to a current tree instance, resulting from a series of unknown updates.