Research Output

Sticky policy enabled authenticated OOXML

  This paper proposes a secure document sharing construction, which addresses confidentiality and authenticity concerns related to cloud-based data sharing. The goal of this research is to find an efficient way to share data in the cloud across various security boundaries and in different access contexts for large enterprises as well as for small business market and private use. This work extends the popular Office Open XML (OOXML) document format with an eXtensible Access Control Mark-up Language (XACML) data piece, which defines a sticky-policy. The defined model leverages the original Identity Based Encryption (IBE) primitive properties by using sticky-policy to construct a public key. Research shows that Sticky-policy successfully followed the protected data in the cloud and only authorized subject accessed the data. Cryptographic operations on the client side during document encryption and decryption here were marginally faster than in other RSA based Information Rights Management IRM systems. Technologies used for proposed construction are not new, therefore only their unique combination with sticky-policy used as a public key constitutes novelty of this research.

  • Date:

    01 September 2016

  • Publication Status:


  • Publisher

    Institute of Electrical and Electronics Engineers

  • DOI:


  • Library of Congress:

    QA75 Electronic computers. Computer science

  • Dewey Decimal Classification:

    005.8 Data security


Spyra, G., Buchanan, W. J., & Ekonomou, E. (2016). Sticky policy enabled authenticated OOXML. In Conference Proceedings of the IEEE Technically Sponsored SAI Computing Conference 2016doi:10.1109/SAI.2016.7556117



Cybersecurity; health information systems; business management

Monthly Views:

Available Documents