A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
Extensible markup language (XML) part 2: linking
World Wide Web Journal - Special issue on XML: principles, tools, and techniques
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Data & Knowledge Engineering
XML Access Control Systems: A Component-Based Approach
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Author-X: A Java-Based System for XML Data Protection
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Controlling Access to XML Documents
IEEE Internet Computing
An Access Control Model for Tree Data Structures
ISC '02 Proceedings of the 5th International Conference on Information Security
Regulating access to SMIL formatted pay-per-view movies
Proceedings of the 2002 ACM workshop on XML security
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
XML access control using static analysis
Proceedings of the 10th ACM conference on Computer and communications security
Derived access control specification for XML
Proceedings of the 2003 ACM workshop on XML security
RDF metadata for XML access control
Proceedings of the 2003 ACM workshop on XML security
Authorization Translation for XML Document Transformation
World Wide Web
Specifying access control policies for XML documents with XPath
Proceedings of the ninth ACM symposium on Access control models and technologies
A role-based approach to access control for XML databases
Proceedings of the ninth ACM symposium on Access control models and technologies
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
Mediation security specification and enforcement for heterogeneous databases
Proceedings of the 2005 ACM symposium on Applied computing
The case for access control on XML relationships
Proceedings of the 14th ACM international conference on Information and knowledge management
A function-based access control model for XML databases
Proceedings of the 14th ACM international conference on Information and knowledge management
An access control model for querying XML data
Proceedings of the 2005 workshop on Secure web services
Ontology guided XML security engine
Journal of Intelligent Information Systems - Special issue: Database and applications security
Model driven development of secure XML databases
ACM SIGMOD Record
XML access control using static analysis
ACM Transactions on Information and System Security (TISSEC)
Multimedia-based authorization and access control policy specification
Proceedings of the 3rd ACM workshop on Secure web services
Compact access control labeling for efficient secure XML query evaluation
Data & Knowledge Engineering
Policy Administration Control and Delegation Using XACML and Delegent
GRID '05 Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing
Formalizing XML access control for update operations
Proceedings of the 12th ACM symposium on Access control models and technologies
Secure Information Sharing in a Virtual Multi-Agency Team Environment
Electronic Notes in Theoretical Computer Science (ENTCS)
On the efficiency of secure XML broadcasting
Information Sciences: an International Journal
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Client-based access control management for XML documents
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Secure XML publishing without information leakage in the presence of data inference
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Secure distribution and access of XML documents
International Journal of High Performance Computing and Networking
Adaptive Solutions for Access Control within Pervasive Healthcare Systems
ICOST '08 Proceedings of the 6th international conference on Smart Homes and Health Telematics
DRM policies for web map service
SPRINGL '08 Proceedings of the SIGSPATIAL ACM GIS 2008 International Workshop on Security and Privacy in GIS and LBS
CSchema: a downgrading policy language for XML access control
Journal of Computer Science and Technology
Access control system to XML databases: a framework
IMSA '07 Proceedings of the Eleventh IASTED International Conference on Internet and Multimedia Systems and Applications
Access control for XML documents and data
Information Security Tech. Report
XML repository searcher-browser supporting fine-grained access control
International Journal of Computers and Applications
Static verification of access control model for AXML documents
APWeb/WAIM'07 Proceedings of the joint 9th Asia-Pacific web and 8th international conference on web-age information management conference on Advances in data and web management
On flexible modeling of history-based access control policies for XML documents
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III
Query rewriting algorithm evaluation for XML security views
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Hasslefree: simplified access control management for XML documents
ICDCIT'07 Proceedings of the 4th international conference on Distributed computing and internet technology
A system architecture for history-based access control for XML documents
ICICS'07 Proceedings of the 9th international conference on Information and communications security
Unifying private registry and web service access control
MIV'05 Proceedings of the 5th WSEAS international conference on Multimedia, internet & video technologies
QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata
The VLDB Journal — The International Journal on Very Large Data Bases
An efficient access control model for schema-based relational storage of XML documents
Proceedings of the 49th Annual Southeast Regional Conference
Policy classes and query rewriting algorithm for XML security views
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
KES'06 Proceedings of the 10th international conference on Knowledge-Based Intelligent Information and Engineering Systems - Volume Part I
Access authorization policy for XML document security
ISPA'05 Proceedings of the 2005 international conference on Parallel and Distributed Processing and Applications
A formal access control model for XML databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Access policy sheet for access control in fine-grained XML
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
Authorization-Transparent access control for XML under the non-truman model
EDBT'06 Proceedings of the 10th international conference on Advances in Database Technology
XML-Based declarative access control
SOFSEM'05 Proceedings of the 31st international conference on Theory and Practice of Computer Science
Using schemas to simplify access control for XML documents
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
XML access control with policy matching tree
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Two phase filtering for XML access control
SDM'06 Proceedings of the Third VLDB international conference on Secure Data Management
An efficient yet secure XML access control enforcement by safe and correct query modification
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
Efficient access control for secure XML query processing in data streams
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
Protection of relationships in XML documents with the XML-BB model
ICISS'05 Proceedings of the First international conference on Information Systems Security
Secure XML querying based on authorization graphs
Information Systems Frontiers
Storing XML rules in relational storage of XML DTD
Proceedings of the Second International Conference on Computational Science, Engineering and Information Technology
Pragmatic XML access control using off-the-shelf RDBMS
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Enhancing Data Security in ERP Projects Using XML
International Journal of Enterprise Information Systems
| Hi-index | 0.00 |
In this paper, our objective is to define a security model for regulating access to XML documents. Our model offers a security policy with a great expressive power. An XML document is represented by a tree. Nodes of this tree are of different type (element, attribute, text, comment...etc). The smallest protection granularity of our model is the node, that is, authorisation rules granting or denying access to a single node can be defined. The authorisation rules related to a specific XML document are first defined on a separate Authorisation sheet. This Authorisation sheet is then translated into an XSLT sheet. If a user requests access to the XML document then the XSLT processor uses the XSLT sheet to provide the user with a view of the XML document which is compatible with his rights.