Skip to main content
Springer Nature Link
Log in

An Extended Mandatory Access Control Model for XML

  • Conference paper
Advances in Computer Science – ASIAN 2005. Data Management on the Web (ASIAN 2005)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3818))

Included in the following conference series:

  • 469 Accesses

Abstract

More and more information is distributed in XML format. Information stored in XML documents should be protected by access control policy. An extended MAC model for XML is presented. The subject and object are discussed at first. The labeled XML document model, which includes three rules and one algorithm, is presented allowing for definition and enforcement of access restrictions directly on the structure and content of XML documents. The extended MAC model for XML documents is described in detail by discussing four operations on XML documents. The architecture and some mechanisms used to implement the model are discussed at last.

Supported by the National Natural Science Foundation of China under Grant No.50474033.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Similar content being viewed by others

References

  1. Bertino, E., Castano, S., Ferrari, E.: On Specifying Security Policies for Web Documents with an XML-based Language. In: Proceedings of Sixth ACM Symposium on Access Control Models and Technologies (2001)

    Google Scholar 

  2. Damiani, E., di Vimercati, S.D.C., Paraboschi, S., Samarati, P.: A Fine Grained Access Control System for XML Documents. ACM Transactions on Information and System Security 5(2) (May 2002)

    Google Scholar 

  3. Why XML Schema beats DTDs hands-down for data (2005), http://www.106.ibm.com /developerworks /xml/library/x-sbsch.html

  4. Hada, S., Kudo, M.: XML Access Control Language:Provisional Authorization for XML Documents. Tokyo Research Laboratory, IBM Research, April 17 (2002)

    Google Scholar 

  5. Vuong, N.N., Smith, G.S., Deng, Y.: Managing Security Policies in a Distributed Environment Using eXtensible Markup Language (XML). In: Symposium on Applied Computing (March 2001)

    Google Scholar 

  6. XACML 2.0 specification (2005), http://docs.oasis-open.org/xacml/2.0/XACML-2.0-OS-ALL.zip

  7. Li, L., He, Y.-Z., Feng, D.-G.: A Fine-Grained Mandatory Access Control Model for XML Documents. Journal of Software 15(10), 1528–1537 (2004)

    MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Xiamen University, Xiamen, 361005

    Dong-Zhan Zhang & Yong-Sheng Xue

Authors
  1. Dong-Zhan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yong-Sheng Xue
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. INRIA-LIAMA Institute of Automation, Beijing, China

    Stéphane Grumbach

  2. Computer Science and Engineering Department, San Diego, University of California, 92093-0404, La Jolla, CA, USA

    Liying Sui

  3. UC San Diego, USA

    Victor Vianu

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhang, DZ., Xue, YS. (2005). An Extended Mandatory Access Control Model for XML. In: Grumbach, S., Sui, L., Vianu, V. (eds) Advances in Computer Science – ASIAN 2005. Data Management on the Web. ASIAN 2005. Lecture Notes in Computer Science, vol 3818. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596370_37

Download citation

  • DOI: https://doi.org/10.1007/11596370_37

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30767-9

  • Online ISBN: 978-3-540-32249-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics