Access control policies:some unanswered questions
Computers and Security
A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
A distributed object-oriented database system supporting shared and private databases
ACM Transactions on Information Systems (TOIS)
Network security: private communication in a public world
Network security: private communication in a public world
Role-Based Access Control Models
Computer
The management of computer security profiles using a role-oriented approach
Computers and Security
Strategic directions in electronic commerce and digital libraries: towards a digital agora
ACM Computing Surveys (CSUR) - Special ACM 50th-anniversary issue: strategic directions in computing research
Secure computing: threats and safeguards
Secure computing: threats and safeguards
Extractors for digital library objects
Extractors for digital library objects
Principles of multimedia database systems
Principles of multimedia database systems
A hierarchical access control scheme for digital libraries
Proceedings of the third ACM conference on Digital libraries
Conceptual schema analysis: techniques and applications
ACM Transactions on Database Systems (TODS)
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
A flexible authorization mechanism for relational data management systems
ACM Transactions on Information Systems (TOIS)
Using digital credentials on the World Wide Web
Journal of Computer Security - Special issue on security in the World Wide Web
A Temporal Access Control Mechanism for Database Systems
IEEE Transactions on Knowledge and Data Engineering
An Authorization Model for a Distributed Hypertext System
IEEE Transactions on Knowledge and Data Engineering
An Extended Authorization Model for Relational Databases
IEEE Transactions on Knowledge and Data Engineering
An Approach for Building Secure Database Federations
VLDB '94 Proceedings of the 20th International Conference on Very Large Data Bases
An Authorization Model for Workflows
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
A Logical Framework for Reasoning on Data Access Control Policies
CSFW '99 Proceedings of the 12th IEEE workshop on Computer Security Foundations
Safeguarding Digital Library Contents and Users: Protecting DocumentsRather Than Channels
Safeguarding Digital Library Contents and Users: Protecting DocumentsRather Than Channels
Communications of the ACM
An access control model for video database systems
Proceedings of the ninth international conference on Information and knowledge management
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
A logical framework for reasoning about access control models
ACM Transactions on Information and System Security (TISSEC)
A hierarchical access control model for video database systems
ACM Transactions on Information Systems (TOIS)
An authorization system for digital libraries
The VLDB Journal — The International Journal on Very Large Data Bases
An approach to engineer and enforce context constraints in an RBAC environment
Proceedings of the eighth ACM symposium on Access control models and technologies
Concept-level access control for the Semantic Web
Proceedings of the 2003 ACM workshop on XML security
An integrated approach to engineer and enforce context constraints in RBAC environments
ACM Transactions on Information and System Security (TISSEC)
An Authorization Model for Geospatial Data
IEEE Transactions on Dependable and Secure Computing
Proceedings of the 6th international conference on Mobile data management
Multimedia Tools and Applications
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
Multimedia-based authorization and access control policy specification
Proceedings of the 3rd ACM workshop on Secure web services
A multimedia access control language for virtual and ambient intelligence environments
Proceedings of the 2007 ACM workshop on Secure web services
MCSE: a multimedia context-based security engine
EDBT '08 Proceedings of the 11th international conference on Extending database technology: Advances in database technology
A geotemporal role-based authorisation system
International Journal of Information and Computer Security
ACM Transactions on Multimedia Computing, Communications, and Applications (TOMCCAP)
RBAC-based access control for privacy protection in pervasive environments
Proceedings of the 3rd International Conference on Ubiquitous Information Management and Communication
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
Detecting Inference Channels in Private Multimedia Data via Social Networks
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Automatic transformations between geoscience standards using XML
Computers & Geosciences
Context RBAC/MAC access control for ubiquitous environment
DASFAA'07 Proceedings of the 12th international conference on Database systems for advanced applications
A General Framework for Web Content Filtering
World Wide Web
Integrating constraints to support legally flexible business processes
Information Systems Frontiers
Credential-Based policies management in an access control framework protecting XML resources
ISCIS'06 Proceedings of the 21st international conference on Computer and Information Sciences
A framework for flexible access control in digital library systems
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Authrule: a generic rule-based authorization module
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Specifying an access control model for ontologies for the semantic web
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
A hybrid approach for personalized recommendation of news on the Web
Expert Systems with Applications: An International Journal
A semantic context-aware access control in pervasive environments
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part II
Ontology-Based policy specification and management
ESWC'05 Proceedings of the Second European conference on The Semantic Web: research and Applications
A flexible framework for content-based access management for federated digital libraries
ECDL'05 Proceedings of the 9th European conference on Research and Advanced Technology for Digital Libraries
A standards-based approach for supporting dynamic access policies for a federated digital library
ICADL'05 Proceedings of the 8th international conference on Asian Digital Libraries: implementing strategies and sharing experiences
A graph-based formalism for controlling access to a digital library ontology
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
A semantic authorization model for pervasive healthcare
Journal of Network and Computer Applications
Hi-index | 0.03 |
Digital Libraries (DLs) introduce several challenging requirements with respect to the formulation, specification, and enforcement of adequate data protection policies. Unlike conventional database environments, a DL environment typically is characterized by dynamic user population, often making accesses from remote locations, and by an extraordinarily large amount of multimedia information, stored in a variety of formats. Moreover, in a DL environment, access policies are often specified based on user qualifications and characteristics, rather than user identity (for example, a user can be given access to an R-rated video only if he/she is older than 18 years). Another crucial requirement is the support for content-dependent authorizations on digital library objects (for example, all documents containing discussions on how to operate guns must be made available only to users who are 18 or older). Since traditional authorization models do not adequately meet access control requirements typical to DLs, in this paper, we propose a content-based authorization model suitable for a DL environment. Specifically, the most innovative features of our authorization model are: 1) flexible specification of authorizations based on the qualifications and characteristics of users (including positive and negative), 2) both content-dependent and content-independent access control to digital library objects, and 3) varying granularity of authorization objects ranging from sets of library objects to specific portions of objects.