A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
Database security
Role-Based Access Control Models
Computer
Commercial integrity, roles and object orientation
Commercial integrity, roles and object orientation
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Modeling users in role-based access control
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Controlling Access to XML Documents
IEEE Internet Computing
A Model of Authorization for Object-Oriented and Semantic Databases
EDBT '88 Proceedings of the International Conference on Extending Database Technology: Advances in Database Technology
ICICS '01 Proceedings of the Third International Conference on Information and Communications Security
Regulating access to XML documents
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
Generalized XML security views
Proceedings of the tenth ACM symposium on Access control models and technologies
The case for access control on XML relationships
Proceedings of the 14th ACM international conference on Information and knowledge management
Multimedia-based authorization and access control policy specification
Proceedings of the 3rd ACM workshop on Secure web services
A multimedia access control language for virtual and ambient intelligence environments
Proceedings of the 2007 ACM workshop on Secure web services
An integrated access control for securely querying and updating XML data
ADC '08 Proceedings of the nineteenth conference on Australasian database - Volume 75
Query rewriting algorithm evaluation for XML security views
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Hasslefree: simplified access control management for XML documents
ICDCIT'07 Proceedings of the 4th international conference on Distributed computing and internet technology
Specifying an access control model for ontologies for the semantic web
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
A purpose-based access control in native XML databases
Concurrency and Computation: Practice & Experience
Secure XML querying based on authorization graphs
Information Systems Frontiers
Pragmatic XML access control using off-the-shelf RDBMS
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
| Hi-index | 0.00 |
In order to provide a general access control methodology for parts of XML documents, we propose combining role-based access control as found in the Role Graph Model, with a methodology originally designed for object-oriented databases. We give a description of the methodology, showing how different access modes, XPath expressions and roles can be combined, and how propagation of permissions is handled. Given this general approach, a system developer can design a complex authorization model for collections of XML documents.