Role-Based Access Control Models
Computer
Mandatory access control and role-based access control revisited
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Protection in operating systems
Communications of the ACM
Protection and administration of XML data sources
Data & Knowledge Engineering - Data and applications security
Securing XML Documents with Author-X
IEEE Internet Computing
Lattice-Based Access Control Models
Computer
Access Control in Distributed Object Systems: Problems With Access Control Lists
WETICE '01 Proceedings of the 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
XML access control using static analysis
Proceedings of the 10th ACM conference on Computer and communications security
Access control of XML documents considering update operations
Proceedings of the 2003 ACM workshop on XML security
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Compressed accessibility map: efficient access control for XML
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Secure XML querying based on authorization graphs
Information Systems Frontiers
Hi-index | 0.00 |
In this paper, we present a novel fine-grained access control system for applications where the information flow is critical; the confidentiality of the data is essential and there are a huge number of users who access different portions of an XML document as in military applications. We combine MAC and RBACK models for XML for use in the mentioned type of applications. In accordance with the peculiarities of the target applications, the access control model is structured in such a way that the implementation can be done efficiently for large number of users. In the system presented, instead of using access control lists, we use a security labeling approach in defining the grant rules. By combining the advantages of role-based and mandatory access control schemes, the access control system presented provides a fine-grained, flexible and effective access for applications where the confidentiality of data is crucial. The system is implemented and tested for correctness. Performance analysis is also given.