Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
On specifying security policies for web documents with an XML-based language
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Securing XML Documents with Author-X
IEEE Internet Computing
Regulating access to XML documents
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Hi-index | 0.00 |
Organizations are increasingly using the the eXtensible Markup Language (XML) for document representation and exchange on the Web To protect an XML document from unauthorized access, authorizations are specified on the XML document itself or on the Document Type Definition (DTD) that defines the type of the XML document Each XML document or DTD is associated with an XML Access Sheet (XAS) that specifies the authorizations The DTD not being an XML document complicates the specification and enforcement of authorization policies To overcome the above mentioned problem, XML Schemas need to be used instead of DTDs In this paper, we show how XAS DTDs can be specified using XML Schemas and propose an access control architecture that can process XAS authorizations Enforcement of access control allows users to view only those parts of the documents that they are authorized to view These parts may not conform to the schema of the original document and hence may not be valid Towards this end we propose a schema loosening algorithm that generates a schema that will be satisfied by documents satisfying the access control requirements.