Authentic publication of XML document data

With XML becoming a major standard for the exchange and sharing of data, many applications now rely on XML to publish and utilize Web data. Data sources (data owners), however often do not have the means to provide high performance query mechanisms, serving hundreds of thousands of client queries per day. Furthermore, it is too costly for them to maintain a secure Web information system infrastructure preventing intruders from tampering with the integrity of the data. As a solution to this problem, data owners can distribute XML document data to data publishers who then handle queries from clients on behalf of the data owners. In this paper, we present a novel authentic publication scheme for XML document data that allows clients to efficiently verify query results from data publishers for correctness and completeness. For this, data owners simply provide summary signatures of their data to clients who then use the signatures in addition to verification objects provided by a publisher to authenticate query results. Our approach supports two of the most common forms of XML queries, path and selection queries. The approach is reliable where no trust from publishers is required, and is practical with a reasonably small overhead, both in terms of time and size of the storage.