Using digital credentials on the World Wide Web
Journal of Computer Security - Special issue on security in the World Wide Web
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Securing XML Documents with Author-X
IEEE Internet Computing
XML access control using static analysis
Proceedings of the 10th ACM conference on Computer and communications security
A compressed accessibility map for XML
ACM Transactions on Database Systems (TODS)
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
IPAC: an interactive approach to access control for semi-structured data
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
The dynamic predicate: integrating access control with query processing in XML databases
The VLDB Journal — The International Journal on Very Large Data Bases
Fine-grained sticky provenance architecture for office documents
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
An integrated approach for identity and access management in a SOA context
Proceedings of the 16th ACM symposium on Access control models and technologies
Credential-Based policies management in an access control framework protecting XML resources
ISCIS'06 Proceedings of the 21st international conference on Computer and Information Sciences
| Hi-index | 0.00 |
Protecting information over the Web is today becoming a primary need. Although many access control models have been so far proposed to address the specific protection requirements of the web environment, no comparable amount of work has been done for finding efficient techniques for performing access control. We believe that the availability of techniques for speeding-up access control is a key issue to make an access control model widely acceptable. This is particularly crucial in an environment such as the web, characterized by thousands of users and thousands of documents. For these reasons, in this paper we propose a technique for speeding-up access control, which can be applied to credential-based access control models. We propose a data structure that keeps track of the policies that apply to the various portions of a data source, and which does not require the scanning of the policy base for performing access control. In the paper, besides giving the algorithms for building such data structure and for performing access control, we present a complexity analysis of the proposed approach, which demonstrates the benefits with traditional methods.