Towards secure XML document with usage control

Authors:
Jinli Cao;Lili Sun;Hua Wang
Affiliations:
Department of Computer Science & Computer Engineering, La Trobe University, Melbourne, Australia;Department of Maths & Computing, University of Southern Queensland, Toowoomba, Australia;Department of Maths & Computing, University of Southern Queensland, Toowoomba, Australia
Venue:
APWeb'05 Proceedings of the 7th Asia-Pacific web conference on Web Technologies Research and Development
Year:
2005

Citing 17
Cited 1

A unified framework for enforcing multiple access control policies

SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Secure electronic commerce: building the infrastructure for digital signatures and encryption

Secure electronic commerce: building the infrastructure for digital signatures and encryption
Onion routing

Communications of the ACM
Controlled access and dissemination of XML documents

Proceedings of the 2nd international workshop on Web information and data management
XML document security based on provisional authorization

Proceedings of the 7th ACM conference on Computer and communications security
Fine grained access control for SOAP E-services

Proceedings of the 10th international conference on World Wide Web
Securing XML documents: the author-X project demonstration

SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Towards usage control models: beyond traditional access control

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
An authorization model for temporal XML documents

Proceedings of the 2002 ACM symposium on Applied computing
Secure and selective dissemination of XML documents

ACM Transactions on Information and System Security (TISSEC)
Specifying and enforcing access control policies for XML document sources

World Wide Web
Securing XML Documents

EDBT '00 Proceedings of the 7th International Conference on Extending Database Technology: Advances in Database Technology
Towards securing XML Web services

Proceedings of the 2002 ACM workshop on XML security
Formal authorisation allocation approaches for permission-role assignments using relational algebra operations

ADC '03 Proceedings of the 14th Australasian database conference - Volume 17
Concept-level access control for the Semantic Web

Proceedings of the 2003 ACM workshop on XML security
A normal form for XML documents

ACM Transactions on Database Systems (TODS)
Achieving secure and flexible M-services through tickets

IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans

A purpose-based access control in native XML databases

Concurrency and Computation: Practice & Experience

Quantified Score

Hi-index	0.01

Visualization

Abstract

XML promoted by the World Wide Web Consortium (W3C) is a de facto standard language for document representation and exchange on the Internet. XML documents may contain private information that cannot be shared by all user communities. Several approaches are designed to protect information in a website. However, these approaches typically are used at file system level, rather than for the data in XML documents that have to be protected from unauthorized access. Usage control has been considered as the next generation access control model with distinguishing properties of decision continuity. In this paper, we present a usage control model to protect information distributed on the web, which allows the access restrictions directly on structures and documents. The model not only supports complex constraints for XML components, such as elements, attributes and datatypes but also provides a mechanism to build rich reuse relationships between models and documents. Finally, comparisons with related works are analysed.