A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
IEEE Transactions on Knowledge and Data Engineering
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
XML access control using static analysis
ACM Transactions on Information and System Security (TISSEC)
Relevancy-based access control and its evaluation on versioned XML documents
ACM Transactions on Information and System Security (TISSEC)
Compact access control labeling for efficient secure XML query evaluation
Data & Knowledge Engineering
Optimizing the secure evaluation of twig queries
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
On the efficiency of secure XML broadcasting
Information Sciences: an International Journal
XFlat: Query-friendly encrypted XML view publishing
Information Sciences: an International Journal
A multi-purpose implementation of mandatory access control in relational database management systems
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
An extended mandatory access control model for XML
ASIAN'05 Proceedings of the 10th Asian Computing Science conference on Advances in computer science: data management on the web
Authorization-Transparent access control for XML under the non-truman model
EDBT'06 Proceedings of the 10th international conference on Advances in Database Technology
Enforce mandatory access control policy on XML documents
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
Activity-oriented access control to ubiquitous hospital information and services
Information Sciences: an International Journal
A dynamic access control model
Applied Intelligence
Efficient labeling scheme for dynamic XML trees
Information Sciences: an International Journal
Hi-index | 0.07 |
A practical mandatory access control (MAC) model for XML databases is presented in this paper. The label type and label access policy can be defined according to the requirements of different applications. In order to preserve the integrity of data in XML databases, a constraint between a read-access rule and a write-access rule in label access policy is introduced. Rules for label assignment and propagation are presented to alleviate the workload of label assignments. Furthermore, a solution for resolving conflicts in label assignments is proposed. Rules for update-related operations, rules for exceptional privileges of ordinary users and the administrator are also proposed to preserve the security of operations in XML databases. The MAC model, we proposed in this study, has been implemented in an XML database. Test results demonstrated that our approach provides rational and scalable performance.