An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy
IEEE Transactions on Computers
A cryptographic key generation scheme for multilevel data security
Computers and Security
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Cryptographic solution to a problem of access control in a hierarchy
ACM Transactions on Computer Systems (TOCS)
Protection in operating systems
Communications of the ACM
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
A cryptographic solution to implement access control in a hierarchy and more
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A formal semantics of patterns in XSLT and XPath
Markup Languages
A temporal key management scheme for secure broadcasting of XML documents
Proceedings of the 9th ACM conference on Computer and communications security
Securing XML Documents with Author-X
IEEE Internet Computing
A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy
IEEE Transactions on Knowledge and Data Engineering
Containment for XPath Fragments under DTD Constraints
ICDT '03 Proceedings of the 9th International Conference on Database Theory
XPath Containment in the Presence of Disjunction, DTDs, and Variables
ICDT '03 Proceedings of the 9th International Conference on Database Theory
Security of Tzeng's Time-Bound Key Assignment Scheme for Access Control in a Hierarchy
IEEE Transactions on Knowledge and Data Engineering
Role-Based Access Control
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION
Containment and equivalence for a fragment of XPath
Journal of the ACM (JACM)
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Security analysis of cryptographically controlled access to XML documents
Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Security analysis of cryptographically controlled access to XML documents
Journal of the ACM (JACM)
Defining the security required for WAP based mobile ticket sales
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Variations on a theme by Akl and Taylor: Security and tradeoffs
Theoretical Computer Science
Preserving SQL access control policies over published XML data
Proceedings of the 2009 EDBT/ICDT Workshops
Query rewriting algorithm evaluation for XML security views
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Access control policy translation and verification within heterogeneous data federations
Proceedings of the 15th ACM symposium on Access control models and technologies
Privacy-aware access control in XML databases
ADC '10 Proceedings of the Twenty-First Australasian Conference on Database Technologies - Volume 104
A formal language for specifying complex XML authorisations with temporal constraints
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Role-based access to facilities lifecycle information on RFID tags
Advanced Engineering Informatics
ACM Transactions on Information and System Security (TISSEC)
An auto-delegation mechanism for access control systems
STM'10 Proceedings of the 6th international conference on Security and trust management
Algebraic Framework for the Specification and Analysis of Cryptographic-Key Distribution
Fundamenta Informaticae
Hi-index | 0.00 |
W3C Recommendations XML Encryption and XML-Digital Signature can be used to protect the confidentiality of and provide assurances about the integrity of XML documents transmitted over an insecure medium. The focus of this paper is how to control access to XML documents, once they have been received. This is particularly important for services where updates are sent to subscribers. We describe how certain access control policies for restricting access to XML documents can be enforced by encrypting specified regions of the document. These regions are specified using XPath filters and the policies are based on the hierarchical structure of XML documents. We also describe how techniques for assigning keys to a security lattice can be adapted to minimize the number of keys that are distributed to users and compare our approach with two other access control frameworks. Finally we consider how role-based access control can be used to enforce more complex access control policies.