Skip to main content
Springer Nature Link
Log in

A Model of XML Access Control with Dual-Level Security Views

  • Conference paper
Advanced Web and Network Technologies, and Applications (APWeb 2006)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3842))

Included in the following conference series:

  • 802 Accesses

Abstract

XML becomes a standard format for data interchanges on Internet, especially in E-commerce. Although XML technology has been widely used, the research and development on XML security is still at the early stage. The control of XML access is important for protecting XML documents from being illegally modified or accessed. Most of available models utilize a single level check point. In this paper, we proposed an access control model with dual level access control: file-level and element-level (or attribute-level). The model allows adopt the XBLP policy with file-level security, while employs Hide-Node View for element-level security. The architecture framework of the access control model and implementation are briefly described.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Bertino, E., Ferrari, E.: Secure and Selective dissemination of XML documents. ACM Transactions on Information and System Security 5(3), 290–331 (2003)

    Article  Google Scholar 

  2. Cho, S., Amer-Yahia, S., Lakshmanan, L., Srivastav, D.: Optimizing the Secure Evaluation of Twig Queries. In: Proc. of 28th VLDB, pp. 490–501 (2002)

    Google Scholar 

  3. Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Securing XML Documents. In: Zaniolo, C., Grust, T., Scholl, M.H., Lockemann, P.C. (eds.) EDBT 2000. LNCS, vol. 1777, pp. 121–135. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  4. Damiani, E., Vimercati, S., Paraboschi, S., Samarati, P.: A Fine-grained Access Control System for XML Documents. ACM Transactions on Information and System Security 5(2), 169–202 (2002)

    Article  Google Scholar 

  5. Hada, S., Kudo, M.: XML Access Control Language: Provisional Authorization for XML Documents, http://www.trl.ibm.com/projects/xml/xacl/xacl-spec.html

  6. Oasis: eXtensible Access Control Markup Language (XACML), http://www.oasis-open.org/committees/xcaml

  7. Miklau, G., Suciu, D.: Controlling Access to Published Data Using Cryptography. In: Proc. of 29th VLDB, pp. 898–909 (2003)

    Google Scholar 

  8. Murata, M., Tozawa, A., Kudo, M., Hada, S.: XML Access Control Using Static Analysis. In: Proc. of Computer and Communications Security, pp. 73–84 (2003)

    Google Scholar 

  9. Fan, W., Chan, C.Y., Garofalakis, M.: Secure XML Querying with Security Views. In: Proc. of the 2004 ACM SIGMOD, pp. 587–598 (2004)

    Google Scholar 

  10. Fundulaki, I., Marx, M.: Specifying Access Control Policies for XML Documents with XPath. In: Proc. of 9th SACMAT, pp. 61–69. ACM Press, New York (2004)

    Chapter  Google Scholar 

  11. Li, L., He, Y.Z., Feng, D.G.: A Fine-Grained Mandatory Access Control Model for XML Documents. Journal of Software 15(10), 1528–1537 (2004)

    MATH  Google Scholar 

  12. Sandhu, R., Coyne, E.J., Feinstein, H.L.: Role Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Computer Science and Technology, Harbin Engineering University, Harbin, Heilongjiang Province, China

    Wei Sun, Da-xin Liu & Tong Wang

Authors
  1. Wei Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Da-xin Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tong Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Information Technology and Electrical Engineering, The University of Queensland, Brisbane, QLD, Australia

    Heng Tao Shen

  2. School of Computer Science and Technology, Heilongjiang University, P.O. Box, 150080, Harbin, China

    Jinbao Li

  3. Department of Computer Science and Engineering, Shanghai Jiatong University, 80 Dongcuan Road, 200240, Shanghai, China

    Minglu Li

  4. Department of Computer Science, College of Liberal Arts and Science, University of Iowa, 52242, Iowa City, IA, USA

    Jun Ni

  5. UNC Chapel Hill,  

    Wei Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sun, W., Liu, Dx., Wang, T. (2006). A Model of XML Access Control with Dual-Level Security Views. In: Shen, H.T., Li, J., Li, M., Ni, J., Wang, W. (eds) Advanced Web and Network Technologies, and Applications. APWeb 2006. Lecture Notes in Computer Science, vol 3842. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11610496_109

Download citation

  • DOI: https://doi.org/10.1007/11610496_109

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-31158-4

  • Online ISBN: 978-3-540-32435-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics