Secure Interoperability between Cooperating XML Systems by Dynamic Role Translation

Chatvichienchai, Somchai; Iwaihara, Mizuho; Kambayashi, Yahiko

doi:10.1007/978-3-540-45227-0_84

Somchai Chatvichienchai⁷,
Mizuho Iwaihara⁷ &
Yahiko Kambayashi⁷

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2736))

Included in the following conference series:

International Conference on Database and Expert Systems Applications

647 Accesses
1 Citations

Abstract

The integration of XML data among organizations is essential for providing information infrastructure for global e-services. Secure data sharing and interoperability among cooperating XML systems is a major concern. Role-based access control (RBAC) models appear to be the most attractive solution for providing fine-grained access control on shared XML data among cooperating XML systems. In this paper we propose a dynamic role translation in order to provide secure data sharing among systems while preserving necessary autonomy of each individual system. We address security violation caused by associating roles among XML systems and give our solution.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bertino, E., Castano, S., Ferrari, S., Mesiti, M.: Specifying and Enforcing Access Control Policies for XML Document Sources. In: World Wide Web, Baltzer, vol. 3(3) (2000)
Google Scholar
Bodlaender, H.L.: Dynamic programming on graphs with bounded tree-width. In: Lepistö, T., Salomaa, A. (eds.) ICALP 1988. LNCS, vol. 317, pp. 103–118. Springer, Heidelberg (1988)
Google Scholar
Bonatti, P.A., Sapino, M.L., Subrahmanian, V.S.: Merging heterogeneous security orderings. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 183–197. Springer, Heidelberg (1996)
Google Scholar
Chatvichienchai, S., Iwaihara, M., Kambayashi, Y.: Towards Translating Authorizations for Transformed XML Documents. In: Proc. 3rd Int. Conf. Web Info. Systems Engineering (WISE), pp. 291–300 (December 2002)
Google Scholar
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Fine Grained Access Control for SOAP e-Services. In: 10th Int. World Wide Web Conf., pp. 504–513. ACM Press, New York (2001)
Chapter Google Scholar
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: A Fine-grained Access Control System for XML Documents. ACM Trans. Info. and Syst. Security (TISSEC) 5(2), 169–202 (2002)
Article Google Scholar
Doan, A.H., Domingos, P., Halevy, A.: Reconciling Schemas of Disparate Data Sources: a Machine-Learning Approach. In: Proc ACM SIGMOD Conf., pp. 509–520 (2001)
Google Scholar
Garey, M.R., Johnson, D.S.: Computers and Intractability, A Guide to the Theory of NP-Completeness, p. 192. W.H. Freeman, New York (1979)
MATH Google Scholar
Hitchens, M., Varadharajan, V.: RBAC for XML Document Stores. In: Information and Communications Security, 3rd Int. Conf., pp. 131–143 (2001)
Google Scholar
Jonscher, D., Dittrich, K.R.: An Approach for Building Secure Database Federations. In: Proc. 20th VLDB Conference, pp. 24–35 (1994)
Google Scholar
Madhavan, J., Bernstein, P.A., Rahm, E.: Generic Schema Matching with Cupid. In: Proc. 27th VLDB Conference, Roma, Italy, pp. 49–58 (2001)
Google Scholar
Osborn, S.: Database Security Integration Using Role-Based Access Control. In: Proc. TC11/ WG11.3 14th Ann. Working Conf. Database Security, pp. 245–258 (August 2000)
Google Scholar
van Leeuwen, J. (ed.): Handbook of Theoretical Computer Science. Algorithm and Complexity, vol. A, p. 549. MIT Press, Cambridge (1990)
Google Scholar
Wang, L., Wijesekera, D., Jajodia, S.: Towards Secure XML Federations. In: 16th IFIP WG11.3 Working Conf. Database and Application Security (2002)
Google Scholar
W3C. Extensible Markup Language (XML) 1.0 (2nd edn.) (October 2000), http://www.w3c.org/TR/REC-xml

Download references

Author information

Authors and Affiliations

Department of Social Informatics, Kyoto University, Yoshida Sakyo Kyoto, 606-8501, Japan
Somchai Chatvichienchai, Mizuho Iwaihara & Yahiko Kambayashi

Authors

Somchai Chatvichienchai
View author publications
You can also search for this author in PubMed Google Scholar
Mizuho Iwaihara
View author publications
You can also search for this author in PubMed Google Scholar
Yahiko Kambayashi
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Gerstner Laboratory, Czech Technical University in Prague, Technická 2, 166 27, Prague 6, Czech Republic
Vladimír Mařík
Johannes Kepler University Linz, Altenberger Str. 69, 4040, Linz, Austria
Werner Retschitzegger
Faculty of Electrical Engineering, The Gerstner Laboratory, Czech Technical University in Prague, Technická 2, 166 27, Prague 6, Czech Republic
Olga Štěpánková

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Chatvichienchai, S., Iwaihara, M., Kambayashi, Y. (2003). Secure Interoperability between Cooperating XML Systems by Dynamic Role Translation. In: Mařík, V., Retschitzegger, W., Štěpánková, O. (eds) Database and Expert Systems Applications. DEXA 2003. Lecture Notes in Computer Science, vol 2736. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45227-0_84

Download citation

DOI: https://doi.org/10.1007/978-3-540-45227-0_84
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40806-2
Online ISBN: 978-3-540-45227-0
eBook Packages: Springer Book Archive

Publish with us

Policies and ethics