| Summary: | 碩士 === 淡江大學 === 資訊管理學系碩士班 === 97 === The file encryption technique is mainly developed for encoding the entire file or document nowadays. However, the users with different authority and identification would have the different right for information acquisition according to the confidentially sensitive information. This research proposes an encryption method to assign authentications for different portions (i.e., paragraphs) of a document with various levels of confidentiality, and to manage the assigned authentications. In order to manage the keys generated by the encryption method, this research introduces a Role-Based Access Control (RBAC) mechanism for it. Additionally, this RBAC managing approach could restrict the access of content within a paragraph in a document to the authorized users via the corresponding key of its represented role.
The encryption format of documents used in this research is the general format of the extensible markup language (XML). The encrypted documents could be accessed and read dynamically through the technique of document object model (DOM) in XML. This DOM technique also improve the ease of encryption and preservation of documents. In practice, the key decoding mechanism could be accomplished through its own specific decoder for the encrypted documents. This also provides the convenience for users to access and read the documents in the original or familiar format without even perceiving the documents are encrypted.
The encryption method proposed in this research could realize and accomplish the encryption of a paragraph or several paragraphs in a document. A single document is no longer needed to be encoded entirely with the same level of encryption. It becomes possible for a document to encode different paragraphs with different levels of encryption according to the needs for achieving the appropriateness of file encryption. Consequently, the decreasing confidentiality and increasing security of a document could be achieved by hiding the information of confidentiality and sensitivity via the inner document encryption. The non-confidential information and knowledge could be then shared by more users.
|
|---|
