WWW '99 Proceedings of the eighth international conference on World Wide Web
Using digital credentials on the World Wide Web
Journal of Computer Security - Special issue on security in the World Wide Web
On specifying security policies for web documents with an XML-based language
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Securing XML documents: the author-X project demonstration
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Network Security Essentials: Applications and Standards
Network Security Essentials: Applications and Standards
Securing XML Documents with Author-X
IEEE Internet Computing
An Authorization Model for a Distributed Hypertext System
IEEE Transactions on Knowledge and Data Engineering
Information Systems - Special issue on web data integration
Specifying access control policies for XML documents with XPath
Proceedings of the ninth ACM symposium on Access control models and technologies
Policy Administration Control and Delegation Using XACML and Delegent
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
Measuring the structural similarity among XML documents and DTDs
Journal of Intelligent Information Systems
A Secure Mediator for Integrating Multiple Level Access Control Policies
KES '08 Proceedings of the 12th international conference on Knowledge-Based Intelligent Information and Engineering Systems, Part II
A novel client-based approach for signing and checking web forms by using XML against DoS attacks
Proceedings of the 12th International Conference on Information Integration and Web-based Applications & Services
Secure XML querying based on authorization graphs
Information Systems Frontiers
Engineering Financial Enterprise Content Management Services: Integration and Control
International Journal of Systems and Service-Oriented Engineering
Hi-index | 0.00 |
EXtensible Markup Language (XML) security has become a relevant research topic due to the wide-spread use of XML as the language for information interchange and document definition over the Web. In this context, developing an access control mechanism in terms of XML is an important step for Web information security. In this paper, we present the protection and administration facilities of Author-X, a Java-based system for discretionary access control to XML documents. Relevant features of Author-X are both a set-oriented and a document-oriented credential-based document protection, a differentiated protection of document/document type contents through the support of multi-granularity protection objects and positive/negative authorizations, and the support for different access control strategies. In this paper, we focus on the strategies we have developed for enforcing access control. Additionally, we provide a description of the environment we have developed to help the Security Officer in performing administrative activities related to both security policy and subject credential management.