Application of XML tools for enterprise-wide RBAC implementation tasks
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Managing security policies in a distributed environment using eXtensible markup language (XML)
Proceedings of the 2001 ACM symposium on Applied computing
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Securing XML Documents with Author-X
IEEE Internet Computing
ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
Access control of XML documents considering update operations
Proceedings of the 2003 ACM workshop on XML security
A bitmap-based access control for restricted views of XML documents
Proceedings of the 2003 ACM workshop on XML security
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
A flexible mandatory access control policy for XML databases
Proceedings of the 2nd international conference on Scalable information systems
A practical mandatory access control model for XML databases
Information Sciences: an International Journal
Hi-index | 0.00 |
Information stored in XML documents should be protected from unauthorized access. In military or other highly secure environments, mandatory access control (MAC) policy should be enforced on the sensitive information. If we use XML documents to store or exchange information in these environments, we should also enforce MAC policy on these XML documents. In this paper, we discussed a method to enforce fine-grained MAC policy on XML documents. The model of XML document is extended to contain the security information – label. Three kinds of labels are defined to determine the labels of the nodes in XML documents. Security view of XML document under MAC policy is proposed in this paper. The operations on XML documents will be redirected to the security views which contain the proper nodes under MAC policy. Validity of the security views is also described. Four kinds of operations on XML documents are discussed in details to explain how to enforce mandatory access control. The problem of polyinstantiation caused by these operations is also discussed. At last the architecture of enforcing MAC policy on XML documents is presented.