XML-Based declarative access control

Authors:
Robert Steele;William Gardner;Tharam S. Dillon;Abdelkarim Erradi
Affiliations:
Faculty of Information Technology, University of Technology, Sydney, Broadway, NSW, Australia;Faculty of Information Technology, University of Technology, Sydney, Broadway, NSW, Australia;Faculty of Information Technology, University of Technology, Sydney, Broadway, NSW, Australia;Faculty of Information Technology, University of Technology, Sydney, Broadway, NSW, Australia
Venue:
SOFSEM'05 Proceedings of the 31st international conference on Theory and Practice of Computer Science
Year:
2005

Citing 16
Cited 1

OdeView: the graphical interface to Ode

SIGMOD '90 Proceedings of the 1990 ACM SIGMOD international conference on Management of data
XML document security based on provisional authorization

Proceedings of the 7th ACM conference on Computer and communications security
XML query forms (XQForms): declarative specification of XML query interfaces

Proceedings of the 10th international conference on World Wide Web
A fine-grained access control system for XML documents

ACM Transactions on Information and System Security (TISSEC)
Secure and selective dissemination of XML documents

ACM Transactions on Information and System Security (TISSEC)
Securing XML Documents with Author-X

IEEE Internet Computing
Controlling Access to XML Documents

IEEE Internet Computing
PESTO: An Integrated Query/Browser for Object Databases

VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
BBQ: A Visual Interface for Integrated Browsing and Querying of XML

VDB 5 Proceedings of the Fifth Working Conference on Visual Database Systems: Advances in Visual Information Management
Regulating access to XML documents

Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Mixing Querying and Navigation in MIX

ICDE '02 Proceedings of the 18th International Conference on Data Engineering
Derived access control specification for XML

Proceedings of the 2003 ACM workshop on XML security
An Object-Oriented Database-based Architecture for Mobile Enterprise Applications

ITCC '04 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'04) Volume 2 - Volume 2
XML Schema-Based Discovery and Invocation of Mobile Services

EEE '04 Proceedings of the 2004 IEEE International Conference on e-Technology, e-Commerce and e-Service (EEE'04)
Secure XML querying with security views

SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Controlling access to published data using cryptography

VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29

Hasslefree: simplified access control management for XML documents

ICDCIT'07 Proceedings of the 4th international conference on Distributed computing and internet technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

XML, a self-describing and semi-structured data format, is becoming a standard to represent and exchange data between applications across the Web. XML repositories are also starting to be used either to store data or as an interoperability layer for legacy applications and data sources. The widespread use of XML highlights the need for flexible access control models for XML documents to protect sensitive and valuable information from unauthorised access. This paper presents a novel declarative access control model and elaborates how this model allows the expression of access control rules in XML. The paper further introduces the operational semantics of the model by describing the Xplorer engine which supports search-browse-navigate activities on XML repositories. Xplorer takes as inputs XML-based data schema, instance data and access control rules to auto-generate an access control-enabled Web application in accordance with these rules.