A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
Role-Based Access Control Models
Computer
Secure computing: threats and safeguards
Secure computing: threats and safeguards
Modeling users in role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Using digital credentials on the World Wide Web
Journal of Computer Security - Special issue on security in the World Wide Web
On specifying security policies for web documents with an XML-based language
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Network Security Essentials: Applications and Standards
Network Security Essentials: Applications and Standards
Securing XML Documents with Author-X
IEEE Internet Computing
A Model for Evaluation and Administration of Security in Object-Oriented Databases
IEEE Transactions on Knowledge and Data Engineering
An Authorization Model for a Distributed Hypertext System
IEEE Transactions on Knowledge and Data Engineering
A Content-Based Authorization Model for Digital Libraries
IEEE Transactions on Knowledge and Data Engineering
Using Schema Matching to Simplify Heterogeneous Data Translation
VLDB '98 Proceedings of the 24rd International Conference on Very Large Data Bases
Relying Party Credentials Framework
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Tutorial 4: Directories: Managing Data for Networked Applications
ICDE '00 Proceedings of the 16th International Conference on Data Engineering
Access Control Meets Public Key Infrastructure, Or: Assigning Roles to Strangers
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Access control of XML documents considering update operations
Proceedings of the 2003 ACM workshop on XML security
A bitmap-based access control for restricted views of XML documents
Proceedings of the 2003 ACM workshop on XML security
Succinct specifications of portable document access policies
Proceedings of the ninth ACM symposium on Access control models and technologies
Specifying access control policies for XML documents with XPath
Proceedings of the ninth ACM symposium on Access control models and technologies
A role-based approach to access control for XML databases
Proceedings of the ninth ACM symposium on Access control models and technologies
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
AC-XML documents: improving the performance of a web access control module
Proceedings of the tenth ACM symposium on Access control models and technologies
Generalized XML security views
Proceedings of the tenth ACM symposium on Access control models and technologies
Provable bounds for portable and flexible privacy-preserving access
Proceedings of the tenth ACM symposium on Access control models and technologies
Scalable security and accounting services for content-based publish/subscribe systems
Proceedings of the 2005 ACM symposium on Applied computing
Integration and Efficient Lookup of Compressed XML Accessibility Maps
IEEE Transactions on Knowledge and Data Engineering
An approach to cooperative updates of XML documents in distributed systems
Journal of Computer Security
Securing XML data in third-party distribution systems
Proceedings of the 14th ACM international conference on Information and knowledge management
The case for access control on XML relationships
Proceedings of the 14th ACM international conference on Information and knowledge management
A function-based access control model for XML databases
Proceedings of the 14th ACM international conference on Information and knowledge management
Succinct representation of flexible and privacy-preserving access rights
The VLDB Journal — The International Journal on Very Large Data Bases
Journal of Cognitive Neuroscience
Model driven development of secure XML databases
ACM SIGMOD Record
ACM Transactions on Information and System Security (TISSEC)
Compact access control labeling for efficient secure XML query evaluation
Data & Knowledge Engineering
History-based access control for XML documents
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Policy Administration Control and Delegation Using XACML and Delegent
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
XIR: cache invalidation strategy for xml data in mobile environments
MobiDE '07 Proceedings of the 6th ACM international workshop on Data engineering for wireless and mobile access
Distributed access control: a privacy-conscious approach
Proceedings of the 12th ACM symposium on Access control models and technologies
Formalizing XML access control for update operations
Proceedings of the 12th ACM symposium on Access control models and technologies
Secure Information Sharing in a Virtual Multi-Agency Team Environment
Electronic Notes in Theoretical Computer Science (ENTCS)
Enabling access-privacy for random walk based data analysis applications
Data & Knowledge Engineering
An electronic patient record "on steroids": distributed, peer-to-peer, secure and privacy-conscious
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
ACCOn: checking consistency of XML write-access control policies
EDBT '08 Proceedings of the 11th international conference on Extending database technology: Advances in database technology
Secure distribution and access of XML documents
International Journal of High Performance Computing and Networking
Proceedings of the 2nd international conference on Scalable information systems
Dynamic anonymization: accurate statistical analysis with privacy preservation
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Preservation of proximity privacy in publishing numerical sensitive data
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
An integrated access control for securely querying and updating XML data
ADC '08 Proceedings of the nineteenth conference on Australasian database - Volume 75
Access Control Labeling Scheme for Efficient Secure XML Query Processing
KES '08 Proceedings of the 12th international conference on Knowledge-Based Intelligent Information and Engineering Systems, Part II
An Introduction to Authorization Conflict Problem in RDF Access Control
KES '08 Proceedings of the 12th international conference on Knowledge-Based Intelligent Information and Engineering Systems, Part II
Efficient Secure Labeling Method under Dynamic XML Data Streams
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
A practical mandatory access control model for XML databases
Information Sciences: an International Journal
Security and privacy for geospatial data: concepts and research directions
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
Information disclosure by answers to XPath queries
Journal of Computer Security - Selected papers from the Third and Fourth Secure Data Management (SDM) workshops
CSchema: a downgrading policy language for XML access control
Journal of Computer Science and Technology
A semantic cache framework for secure XML queries
Journal of Computer Science and Technology
Controlling Access to XML Documents over XML Native and Relational Databases
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Automatic transformations between geoscience standards using XML
Computers & Geosciences
A Privacy Manager for Cloud Computing
CloudCom '09 Proceedings of the 1st International Conference on Cloud Computing
Access control for XML documents and data
Information Security Tech. Report
XML repository searcher-browser supporting fine-grained access control
International Journal of Computers and Applications
ClientBased access control evaluator for XML databases
CIT'09 Proceedings of the 3rd International Conference on Communications and information technology
XML secure views using semantic access control
Proceedings of the 2010 EDBT/ICDT Workshops
Security issues for the use of semantic web in e-commerce
BIS'07 Proceedings of the 10th international conference on Business information systems
On flexible modeling of history-based access control policies for XML documents
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III
Query rewriting algorithm evaluation for XML security views
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Hasslefree: simplified access control management for XML documents
ICDCIT'07 Proceedings of the 4th international conference on Distributed computing and internet technology
Repairing inconsistent XML write-access control policies
DBPL'07 Proceedings of the 11th international conference on Database programming languages
Security-conscious XML indexing
DASFAA'07 Proceedings of the 12th international conference on Database systems for advanced applications
A system architecture for history-based access control for XML documents
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Privacy-aware access control in XML databases
ADC '10 Proceedings of the Twenty-First Australasian Conference on Database Technologies - Volume 104
Light-weight access control scheme for XML data
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part II
Proceedings of the 14th International Conference on Database Theory
Access Control for Databases: Concepts and Systems
Foundations and Trends in Databases
Efficient access control labeling scheme for secure XML query processing
Computer Standards & Interfaces
QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata
The VLDB Journal — The International Journal on Very Large Data Bases
An efficient access control model for schema-based relational storage of XML documents
Proceedings of the 49th Annual Southeast Regional Conference
Journal of Computer and System Sciences
Towards secure XML document with usage control
APWeb'05 Proceedings of the 7th Asia-Pacific web conference on Web Technologies Research and Development
XML subtree queries: specification and composition
DBPL'05 Proceedings of the 10th international conference on Database Programming Languages
Specifying an access control model for ontologies for the semantic web
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Detecting privacy violations in sensitive XML databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Access control requirements for preventing insider threats
ISI'06 Proceedings of the 4th IEEE international conference on Intelligence and Security Informatics
Extracting global policies for efficient access control of XML documents
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
Access policy sheet for access control in fine-grained XML
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
A model of XML access control with dual-level security views
APWeb'06 Proceedings of the 2006 international conference on Advanced Web and Network Technologies, and Applications
Authorization-Transparent access control for XML under the non-truman model
EDBT'06 Proceedings of the 10th international conference on Advances in Database Technology
An adaptive privacy management system for data repositories
TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
XML-Based declarative access control
SOFSEM'05 Proceedings of the 31st international conference on Theory and Practice of Computer Science
Designing secure indexes for encrypted databases
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Secure model management operations for the web
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Using schemas to simplify access control for XML documents
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
XML access control with policy matching tree
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Abstraction for privacy in context-aware environments
MATA'05 Proceedings of the Second international conference on Mobility Aware Technologies and Applications
Two phase filtering for XML access control
SDM'06 Proceedings of the Third VLDB international conference on Secure Data Management
Information disclosure by XPath queries
SDM'06 Proceedings of the Third VLDB international conference on Secure Data Management
An effective, efficient XML data broadcasting method in a mobile wireless network
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
Confidentiality enforcement for XML outsourced data
EDBT'06 Proceedings of the 2006 international conference on Current Trends in Database Technology
Query translation for XPath-based security views
EDBT'06 Proceedings of the 2006 international conference on Current Trends in Database Technology
Secure query processing against encrypted XML data using Query-Aware Decryption
Information Sciences: an International Journal
Protecting disseminative information in E-Learning
ICWL'07 Proceedings of the 6th international conference on Advances in web based learning
Efficient access control for secure XML query processing in data streams
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
Protecting privacy during peer-to-peer exchange of medical documents
Information Systems Frontiers
A purpose-based access control in native XML databases
Concurrency and Computation: Practice & Experience
Secure XML querying based on authorization graphs
Information Systems Frontiers
Enhancing privacy in cloud computing via policy-based obfuscation
The Journal of Supercomputing
Storing XML rules in relational storage of XML DTD
Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology
Pragmatic XML access control using off-the-shelf RDBMS
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
HyXAC: a hybrid approach for XML access control
Proceedings of the 18th ACM symposium on Access control models and technologies
Access control requirements for structured document in cloud computing
International Journal of Grid and Utility Computing
Interactive Design Recommendation Using Sensor Based Smart Wear and Weather WebBot
Wireless Personal Communications: An International Journal
| Hi-index | 0.00 |
XML (eXtensible Markup Language) has emerged as a prevalent standard for document representation and exchange on the Web. It is often the case that XML documents contain information of different sensitivity degrees that must be selectively shared by (possibly large) user communities. There is thus the need for models and mechanisms enabling the specification and enforcement of access control policies for XML documents. Mechanisms are also required enabling a secure and selective dissemination of documents to users, according to the authorizations that these users have. In this article, we make several contributions to the problem of secure and selective dissemination of XML documents. First, we define a formal model of access control policies for XML documents. Policies that can be defined in our model take into account both user profiles, and document contents and structures. We also propose an approach, based on an extension of the Cryptolope™ approach [Gladney and Lotspiech 1997], which essentially allows one to send the same document to all users, and yet to enforce the stated access control policies. Our approach consists of encrypting different portions of the same document according to different encryption keys, and selectively distributing these keys to the various users according to the access control policies. We show that the number of encryption keys that have to be generated under our approach is minimal and we present an architecture to support document distribution.