RDF metadata for XML access control
Proceedings of the 2003 ACM workshop on XML security
Ontology guided XML security engine
Journal of Intelligent Information Systems - Special issue: Database and applications security
Hi-index | 0.00 |
This paper presents a first step towards a security model that defines access control for logical document structures. This model benefits from roles to abstract from users and from security levels (classifications) that abstract from objects. The security levels are defined on top of a complex document structure which will be needed for real web applications. Since a user clearance for an operation can be designated from roles and permissions, we use a lattice that defines a partial order over classifications to make an authorisation decision. Ordinary users should be able to handle the right management of their documents. The proposed model can be used in a decentral way.