Structured documents: signatures and deception
Hunter, Aaron (Aaron Hunter (Aaron_Hunter)) (author) (editor) (translator)
© 2012 IEEE
Proceedings of 2012 European Intelligence and Security Informatics Conference (EISIC) in Odense, Denmark 22-24 Aug. 2012. Much of the information exchanged between agents over a network is encapsulated in XML documents. An XML document has a tree structure, and the meaning of the document can be understood in terms of a set of label-value pairs. The content of a document is often secured through digital signatures applied to different sections, while the document is passed between several agents. In this paper, we illustrate that this process is insecure in the sense that a malicious agent can deceive an honest agent to hold beliefs that are untrue. We provide a formal framework for analyzing the security of structured documents, based on the implicit epistemic impact that a signed document will have on a recipient. This kind of analysis can provide significant insight into deception and fraud detection.
http://ieeexplore.ieee.org/document/6298843/