A Study on Read/Write Protection of a Digital Document by Cryptographic Techniques

The 2009 IEEE International Symposium on Trust, Security and Privacy for Pervasive Applications (TSP-09) was held in University of Macau in China during October 12th to 14th, 2009, in conjunction with the 2009 IEEE International Conference on Mobile Ad-hoc and Sensor Systems (IEEE MASS 2009). In TSP 2009, there were 27 presentations.

Systems Development Laboratory, Hitachi, Ltd. made a presentation titled "A Study on Read/Write Protection of a Digital Document by Cryptographic Techniques" about encryption schemes that enable us to control rights for reading and writing a part of a digital document according to users (Fig. 1).

Digital Documents often contain sensitive information, e.g., privacy information or company secret. Therefore, for a proper use of a digital document, e.g., creation, revision or reading, it is important to manage the digital document so that only privileged users can read and write a proper part in the document. For this need, we usually store a digital document into a database system and restrict users who reach the digital document by an access control mechanism on the system.

In TSP-09, we propose a cryptographic scheme for controlling rights to read and write a part of a digital document according to users. Because our proposed scheme control rights for reading and writing by a private key of each user, we do not need to store digital documents into a database system for managing the digital documents.

In addition, the recent developed cryptographic techniques usually adopt a sophisticated technique such as a bilinear map. However, the proposed scheme consists of only conventional cryptographic techniques, i.e., a public-key encryption scheme, a symmetric-key encryption scheme and a digital signature scheme (Fig. 2). Therefore the proposed scheme is implemented by a standard cryptographic library without any modification of the cryptographic components. In addition, we do not need to distribute special key sets for an application of the proposed scheme.

Because our proposed scheme does not need to use a database system to manage a digital document, it enables us to protect digital documents from fraudulence of a malicious administrator and to promote a proper use of a digital document in different environments.