The Indiana Center for Database Systems at Purdue University
ACM SIGMOD Record
ACM Transactions on Information and System Security (TISSEC)
Distributed access control: a privacy-conscious approach
Proceedings of the 12th ACM symposium on Access control models and technologies
Hi-index | 0.00 |
Securing data is becoming a crucial need for most internet-based applications. Whereas the problem of data confidentiality has been widely investigated, the problem of how to ensure that data, when moving among different parties, are modified only according to the stated policies has been so far not deeply investigated. In this paper, we propose an approach supporting parallel and distributed secure updates to XML documents. The approach, based on the use of a security region-object parallel flow (S-RPF) graph protocol, is particularly suited for all environments requiring cooperative updates to XML documents. It allows different users to simultaneously update different portions of the same document, according to the specified access control policies. Additionally, it supports a decentralized management of update operations in that a subject can exercise its privileges and verify the correctness of the operations performed so far on the document without interacting, in most of the cases, with the document server.