Text 3C. Third Party Secure Data Publication Applied to Cloud
Essential Vocabulary
amount v - составлять, приравниваться
authenticity n-подлинность, достоверность
children n-потомки
security policy framework-базовое средство разработки политики безопасности
grade n - уровень; степень; качество
grant v-давать, наделять
Merkle signature - подпись с использованием определенного алгоритма
outsourcing n-передача данных третьим лицам, аутсорсинг
propagate v - распространяться, передаваться
relevant adj - подходящий, соответствующий
root n-администратор
subscribe v-подписывать
XML(extensible Markup language) - расширенный язык разметки
Cloud computing facilitates storage of data at a remote site to maximize resource utilization. As a result, it is critical that this data be protected and only given to authorized individuals. This essentially amounts to secure third party publication of data that is necessary for data outsourcing, as well as external publications. We have developed techniques for third party publication of data in a secure manner. We assume that the data is represented as an XML document. This is a valid assumption as many of the documents on the web are now represented as XML documents.
In the access control framework security policy is specified depending on user roles and credentials. Users must possess the credentials to access XML documents. The credentials depend on their roles. For example, a professor has access to all of the details of students while a secretary only has access to administrative information. XML specifications are used to specify the security policies. Access is granted for an entire XML document or portions of the document. Under certain conditions, access control may be propagated down the XML tree.
For example, if access is granted to the root, it does not necessarily mean access is granted to all the children. One may grant access to the XML schema and not to the document instances. One may grant access to certain portions of the document. For example, a professor does not have access to the medical information of students while he has access to student grade and academic information. Design of a system for enforcing access control policies is also described. Essentially, the goal is to use a form of view modification so that the user is authorized to see the XML views as specified by the policies. More research needs to be done on role-based access control for XML and the semantic web.
|
|
|
We discuss the secure publication of XML documents. The idea is to have untrusted third party publishers. The owner of a document specifies access control polices for the subjects. Subjects get the policies from the owner when they subscribe to a document. The owner sends the documents to the Publisher. When the subject requests a document, the publisher will apply the policies relevant to the subject and give portions of the documents to the subject. Now, since the publisher is untrusted, it may give false information to the subject. Therefore, the owner will encrypt various combinations of documents and policies with his/her private key. Using Merkle signature and the encryption techniques, the subject can verify the authenticity and completeness of the document.
In the cloud environment, the third party publisher is the machine that stored the sensitive data in the cloud. This data has to be protected and the techniques we have discussed above have to be applied to that authenticity and completeness can be maintained.
Task 10. Translate the following word combinations:
To maximize resource utilization; this amounts to secure third party publication; valid assumption; third party publication; student grade; subscribe to a document
Task 11.Answer the questions:
1. What does this article deal with?
2. How can we facilitate storage of data at a remote site to maximize resource utilization?
3. What's the way of XML documents secure publication?
4. What can be verified by using Merkle signature and the encryption techniques?
Task 12. Render the text
Task 13. Read and translate the text using Essential Vocabulary:
Дата добавления: 2018-04-15; просмотров: 188; Мы поможем в написании вашей работы! |
Мы поможем в написании ваших работ!