| Chip-Secured XML Access (C-SXA) is a versatile and tamper-resistant XML-based Access Right Controller embedded in a smart card. C-SXA can be used either to protect the privacy of on-board personal data or to control the flow of data extracted from an external source. Tamper-resistance is inherited from the smart card for on-board data or achieved using cryptographic techniques for external data. C-SXA can provide different views of the same on-board or external data depending on the user or application accessing them. Moreover, access control on external data can benefit from on-board storage to enforce powerful, context dependant access control policies. These two features allow C-SXA to address a wide range of applications such as secure portable folders, data sharing among a community of users, parental control and Digital Right Management, in a more secure and accurate way than existing technologies. This work relates the C-SXA experience. We first motivate the interest of the approach and describe different usage scenarios. We then present the internals of C-SXA and show how they tackle the smart card's hardware limitations. Finally, we demonstrate its viability showing how our smart card engine can be integrated in a distributed architecture including the smart card, the server and the user terminal, making the complete chain from the user to the data secure. |
BibTeX,EndNote,...
