A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Extensible markup language (XML) part 2: linking
World Wide Web Journal - Special issue on XML: principles, tools, and techniques
The platform for privacy preferences
Communications of the ACM
XML-GL: a graphical language for querying and restructuring XML documents
WWW '99 Proceedings of the eighth international conference on World Wide Web
ACM Computing Surveys (CSUR)
A Model for Evaluation and Administration of Security in Object-Oriented Databases
IEEE Transactions on Knowledge and Data Engineering
An Authorization Model for a Distributed Hypertext System
IEEE Transactions on Knowledge and Data Engineering
Data-Driven, One-To-One Web Site Generation for Data-Intensive Applications
VLDB '99 Proceedings of the 25th International Conference on Very Large Data Bases
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Controlling Access to XML Documents
IEEE Internet Computing
An Access Control Model for Tree Data Structures
ISC '02 Proceedings of the 5th International Conference on Information Security
Translating Access Authorizations for Transformed XML Documents
DEXA '02 Proceedings of the 13th International Conference on Database and Expert Systems Applications
Enabling access-privacy for random walk based data analysis applications
Data & Knowledge Engineering
Adaptive Solutions for Access Control within Pervasive Healthcare Systems
ICOST '08 Proceedings of the 6th international conference on Smart Homes and Health Telematics
Access Control Labeling Scheme for Efficient Secure XML Query Processing
KES '08 Proceedings of the 12th international conference on Knowledge-Based Intelligent Information and Engineering Systems, Part II
Efficient Secure Labeling Method under Dynamic XML Data Streams
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
The Halting Problem and Undecidability of Document Generation under Access Control for Tree Updates
LATA '09 Proceedings of the 3rd International Conference on Language and Automata Theory and Applications
Rewrite-based verification of XML updates
Proceedings of the 12th international ACM SIGPLAN symposium on Principles and practice of declarative programming
Privacy-aware access control in XML databases
ADC '10 Proceedings of the Twenty-First Australasian Conference on Database Technologies - Volume 104
Distributed and secure access control in P2P databases
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Light-weight access control scheme for XML data
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part II
Information and Computation
A formal language for specifying complex XML authorisations with temporal constraints
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Efficient access control labeling scheme for secure XML query processing
Computer Standards & Interfaces
QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata
The VLDB Journal — The International Journal on Very Large Data Bases
Peer-to-peer data integration with active XML
ASIAN'05 Proceedings of the 10th Asian Computing Science conference on Advances in computer science: data management on the web
Towards secure XML document with usage control
APWeb'05 Proceedings of the 7th Asia-Pacific web conference on Web Technologies Research and Development
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I
Access authorization policy for XML document security
ISPA'05 Proceedings of the 2005 international conference on Parallel and Distributed Processing and Applications
A static analysis using tree automata for XML access control
ATVA'05 Proceedings of the Third international conference on Automated Technology for Verification and Analysis
A formal access control model for XML databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Detecting privacy violations in sensitive XML databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Access policy sheet for access control in fine-grained XML
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
A model of XML access control with dual-level security views
APWeb'06 Proceedings of the 2006 international conference on Advanced Web and Network Technologies, and Applications
Enforcing semantics-aware security in multimedia surveillance
Journal on Data Semantics II
Secure model management operations for the web
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
License protection with a tamper-resistant token
WISA'04 Proceedings of the 5th international conference on Information Security Applications
Two phase filtering for XML access control
SDM'06 Proceedings of the Third VLDB international conference on Secure Data Management
Information disclosure by XPath queries
SDM'06 Proceedings of the Third VLDB international conference on Secure Data Management
Efficient access control for secure XML query processing in data streams
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
Protection of relationships in XML documents with the XML-BB model
ICISS'05 Proceedings of the First international conference on Information Systems Security
A novel labeling scheme for secure broadcasting of XML data
KDXD'06 Proceedings of the First international conference on Knowledge Discovery from XML Documents
Secure XML querying based on authorization graphs
Information Systems Frontiers
Storing XML rules in relational storage of XML DTD
Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology
Pragmatic XML access control using off-the-shelf RDBMS
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
| Hi-index | 0.00 |
Web-based applications greatly increase information availability and ease of access, which is optimal for public information. The distribution and sharing by theWeb of information that must be accessed in a selective way requires the definition and enforcement of security controls, ensuring that information will be accessible only to authorized entities. Approaches proposed to this end level, independently from the semantics of the data to be protected and for this reason result limited. The eXtensible Markup Language (XML), a markup language promoted by the World Wide Web Consortium (W3C), represents an important opportunity to solve this problem. We present an access control model to protect information distributed on the Web that, by exploiting XML's own capabilities, allows the definition and enforcement of access restrictions directly on the structure and content of XML documents. We also present a language for the specification of access restrictions that uses standard notations and concepts and briefly describe a system architecture for access control enforcement based on existing technology.