A bitmap-based access control for restricted views of XML documents

2003 ◽  
Author(s):  
Abhilash Gummadi ◽  
Jong P. Yoon ◽  
Biren Shah ◽  
Vijay Raghavan
Keyword(s):  
Access Control ◽  
Xml Documents

Storage and Access Control Policies for XML Documents

2005 ◽  
pp. 2616-2621
Author(s):  
George Pallis ◽  
Konstantina Stoupa ◽  
Athena Vakali
Keyword(s):  
Access Control ◽  
Knowledge Exchange ◽  
File Systems ◽  
Data Representation ◽  
The Internet ◽  
Xml Documents ◽  
Web Document ◽  
Web Information System ◽  
Access Control Policies ◽  
Control Modules

The Internet (and networks overall) are currently the core media for data and knowledge exchange. XML is currently the most popular standardization for Web document representation and is rapidly becoming a standard for data representation and exchange over the Internet. One of the main issues is XML documents and in particular, storage and accessing. Among data management issues, storage and security techniques have a particular importance, since the performance of the overall XML-based Web information system relies on them. Storage issues mainly rely on the usage of typical database management systems (DBMSs), whereas XML documents can also be stored in other storage environments (such as file systems and LDAP directories) (Amer-Yahia & Fernandez, 2002; Kanne & Moerkotte, 2000; Silberschatz, Korth & Sudarshan, 2002). Additionally, in order to guarantee the security of the XML data, which are located in a variety of the above storage topologies, the majority of implementations also provide an appropriate access control. Most storage systems cooperate with access control modules implementing various models (Joshi, Aref, Ghafoor & Spafford, 2001), whereas there are few commercial access control products available. However, there are some standardized XML-based access control languages that can be adopted by most tools.

Secure Publishing using Schema-level Role-based Access Control Policies for Fragments of XML Documents

2009 ◽  
Author(s):  
Tomasz Müldner ◽  
Robin McNeill ◽  
Jan Krzysztof Miziołek
Keyword(s):  
Access Control ◽  
Fixed Number ◽  
Original Structure ◽  
Role Based Access Control ◽  
Control Policies ◽  
Xml Documents ◽  
Access Control Policies ◽  
Minimum Number ◽  
Role Based ◽  
Implementation Tool

Popularity of social networks is growing rapidly and secure publishing is an important implementation tool for these networks. At the same time, recent implementations of access control policies (ACPs) for sharing fragments of XML documents have moved from distributing to users numerous sanitized sub-documents to disseminating a single document multi-encrypted with multiple cryptographic keys, in such a way that the stated ACPs are enforced. Any application that uses this implementation of ACPs will incur a high cost of generating keys separately for each document. However, most such applications, such as secure publishing, use similar documents, i.e. documents based on a selected schema. This paper describes RBAC defined at the schema level, (SRBAC), and generation of the minimum number of keys at the schema level. The main advantage of our approach is that for any application that uses a fixed number of schemas, keys can be generated (or even pre-generated) only once, and then reused in all documents valid for the given schema. While in general, key generation at the schema level has to be pessimistic, our approach tries to minimize the number of generated keys. Incoming XML documents are efficiently encrypted using single-pass SAX parsing in such a way that the original structure of these documents is completely hidden. We also describe distributing to each user only keys needed for decrypting accessible nodes, and for applying the minimal number of encryption operations to an XML document required to satisfy the protection requirements of the policy.

An extended role based access control method for XML documents

2004 ◽  
Vol 9 (5) ◽  
pp. 740-744
Author(s):  
Meng Xiao-feng ◽  
Luo Dao-feng ◽  
Ou Jian-bo
Keyword(s):  
Access Control ◽  
Control Method ◽  
Role Based Access Control ◽  
Xml Documents ◽  
Role Based
Sign in / Sign up

Export Citation Format

Share Document