{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:35:40Z","timestamp":1750307740740,"version":"3.41.0"},"reference-count":25,"publisher":"Association for Computing Machinery (ACM)","issue":"2","license":[{"start":{"date-parts":[[2008,5,1]],"date-time":"2008-05-01T00:00:00Z","timestamp":1209600000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000143","name":"Division of Computing and Communication Foundations","doi-asserted-by":"publisher","award":["CCR-0204162 CCR-0208800 CCF-0524078 ITR-0430594"],"award-info":[{"award-number":["CCR-0204162 CCR-0208800 CCF-0524078 ITR-0430594"]}],"id":[{"id":"10.13039\/100000143","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CCR-0204162 CCR-0208800 CCF-0524078 ITR-0430594"],"award-info":[{"award-number":["CCR-0204162 CCR-0208800 CCF-0524078 ITR-0430594"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["J. ACM"],"published-print":{"date-parts":[[2008,5]]},"abstract":"<jats:p>Some promising recent schemes for XML access control employ encryption for implementing security policies on published data, avoiding data duplication. In this article, we study one such scheme, due to Miklau and Suciu [2003]. That scheme was introduced with some intuitive explanations and goals, but without precise definitions and guarantees for the use of cryptography (specifically, symmetric encryption and secret sharing). We bridge this gap in the present work. We analyze the scheme in the context of the rigorous models of modern cryptography. We obtain formal results in simple, symbolic terms close to the vocabulary of Miklau and Suciu. We also obtain more detailed computational results that establish security against probabilistic polynomial-time adversaries. Our approach, which relates these two layers of the analysis, continues a recent thrust in security research and may be applicable to a broad class of systems that rely on cryptographic data protection.<\/jats:p>","DOI":"10.1145\/1346330.1346331","type":"journal-article","created":{"date-parts":[[2008,5,15]],"date-time":"2008-05-15T18:28:05Z","timestamp":1210876085000},"page":"1-29","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":13,"title":["Security analysis of cryptographically controlled access to XML documents"],"prefix":"10.1145","volume":"55","author":[{"given":"Mart\u00edn","family":"Abadi","sequence":"first","affiliation":[{"name":"University of California, Santa Cruz, Santa Cruz, California, and Microsoft Research, Silicon Valley, California"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bogdan","family":"Warinschi","sequence":"additional","affiliation":[{"name":"University of Bristol, Bristol, UK"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2008,5,15]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-001-0014-7"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1145\/76894.76895"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/948109.948140"},{"key":"e_1_2_1_4_1","unstructured":"Bellare M. and Rogaway P. 2005. Introduction to modern cryptography. (Available at: http:\/\/www.cs.ucsd.edu\/~mihir\/cse207\/classnotes.html.)  Bellare M. and Rogaway P. 2005. Introduction to modern cryptography. (Available at: http:\/\/www.cs.ucsd.edu\/~mihir\/cse207\/classnotes.html.)"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586116"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/4236.935172"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/237814.238015"},{"key":"e_1_2_1_8_1","unstructured":"Castano S. Fugini M. G. Martella G. and Samarati P. 1995. Database Security. Addison-Wesley -- ACM Press New York.   Castano S. Fugini M. G. Martella G. and Samarati P. 1995. Database Security. Addison-Wesley -- ACM Press New York."},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1111348.1111353"},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/505586.505590"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1137\/S0097539795291562"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/950620.950623"},{"key":"e_1_2_1_13_1","doi-asserted-by":"crossref","unstructured":"Eastlake D. and Reagle J. 2002. XML encryption syntax and processing. http:\/\/www.w3.org\/TR\/xmlenc-core.  Eastlake D. and Reagle J. 2002. XML encryption syntax and processing. http:\/\/www.w3.org\/TR\/xmlenc-core.","DOI":"10.17487\/rfc3075"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/358468.358493"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1016\/0022-0000(84)90070-9"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/352600.352613"},{"volume-title":"Proceedings of the 2004 IEEE Symposium on Security and Privacy. IEEE Computer Society Press","year":"2004","author":"Laud P.","key":"e_1_2_1_18_1"},{"key":"e_1_2_1_19_1","unstructured":"Micciancio D. 2004. Towards computationally sound symbolic security analysis. (Talk at DIMACS; slides available at: http:\/\/dimacs.rutgers.edu\/Workshops\/Protocols\/slides\/micciancio.pdf.)  Micciancio D. 2004. Towards computationally sound symbolic security analysis. (Talk at DIMACS; slides available at: http:\/\/dimacs.rutgers.edu\/Workshops\/Protocols\/slides\/micciancio.pdf.)"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-30576-7_10"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1007\/11787006_7"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-24638-1_8"},{"volume-title":"VLDB 2003: 29th International Conference on Very Large Data Bases. ACM","author":"Miklau G.","key":"e_1_2_1_23_1"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/359168.359176"},{"volume-title":"Principles of Database Systems","author":"Ullman J.","key":"e_1_2_1_25_1"},{"volume-title":"VLDB 2004: 30th International Conference on Very Large Data Bases. ACM","author":"Yang X.","key":"e_1_2_1_26_1"}],"container-title":["Journal of the ACM"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1346330.1346331","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1346330.1346331","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T13:38:57Z","timestamp":1750253937000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1346330.1346331"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,5]]},"references-count":25,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2008,5]]}},"alternative-id":["10.1145\/1346330.1346331"],"URL":"https:\/\/doi.org\/10.1145\/1346330.1346331","relation":{},"ISSN":["0004-5411","1557-735X"],"issn-type":[{"type":"print","value":"0004-5411"},{"type":"electronic","value":"1557-735X"}],"subject":[],"published":{"date-parts":[[2008,5]]},"assertion":[{"value":"2007-01-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2007-05-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2008-05-15","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}