Abstract
The integration of XML data among organizations is essential for providing information infrastructure for global e-services. Secure data sharing and interoperability among cooperating XML systems is a major concern. Role-based access control (RBAC) models appear to be the most attractive solution for providing fine-grained access control on shared XML data among cooperating XML systems. In this paper we propose a dynamic role translation in order to provide secure data sharing among systems while preserving necessary autonomy of each individual system. We address security violation caused by associating roles among XML systems and give our solution.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bertino, E., Castano, S., Ferrari, S., Mesiti, M.: Specifying and Enforcing Access Control Policies for XML Document Sources. In: World Wide Web, Baltzer, vol. 3(3) (2000)
Bodlaender, H.L.: Dynamic programming on graphs with bounded tree-width. In: Lepistö, T., Salomaa, A. (eds.) ICALP 1988. LNCS, vol. 317, pp. 103–118. Springer, Heidelberg (1988)
Bonatti, P.A., Sapino, M.L., Subrahmanian, V.S.: Merging heterogeneous security orderings. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 183–197. Springer, Heidelberg (1996)
Chatvichienchai, S., Iwaihara, M., Kambayashi, Y.: Towards Translating Authorizations for Transformed XML Documents. In: Proc. 3rd Int. Conf. Web Info. Systems Engineering (WISE), pp. 291–300 (December 2002)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Fine Grained Access Control for SOAP e-Services. In: 10th Int. World Wide Web Conf., pp. 504–513. ACM Press, New York (2001)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: A Fine-grained Access Control System for XML Documents. ACM Trans. Info. and Syst. Security (TISSEC) 5(2), 169–202 (2002)
Doan, A.H., Domingos, P., Halevy, A.: Reconciling Schemas of Disparate Data Sources: a Machine-Learning Approach. In: Proc ACM SIGMOD Conf., pp. 509–520 (2001)
Garey, M.R., Johnson, D.S.: Computers and Intractability, A Guide to the Theory of NP-Completeness, p. 192. W.H. Freeman, New York (1979)
Hitchens, M., Varadharajan, V.: RBAC for XML Document Stores. In: Information and Communications Security, 3rd Int. Conf., pp. 131–143 (2001)
Jonscher, D., Dittrich, K.R.: An Approach for Building Secure Database Federations. In: Proc. 20th VLDB Conference, pp. 24–35 (1994)
Madhavan, J., Bernstein, P.A., Rahm, E.: Generic Schema Matching with Cupid. In: Proc. 27th VLDB Conference, Roma, Italy, pp. 49–58 (2001)
Osborn, S.: Database Security Integration Using Role-Based Access Control. In: Proc. TC11/ WG11.3 14th Ann. Working Conf. Database Security, pp. 245–258 (August 2000)
van Leeuwen, J. (ed.): Handbook of Theoretical Computer Science. Algorithm and Complexity, vol. A, p. 549. MIT Press, Cambridge (1990)
Wang, L., Wijesekera, D., Jajodia, S.: Towards Secure XML Federations. In: 16th IFIP WG11.3 Working Conf. Database and Application Security (2002)
W3C. Extensible Markup Language (XML) 1.0 (2nd edn.) (October 2000), http://www.w3c.org/TR/REC-xml
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chatvichienchai, S., Iwaihara, M., Kambayashi, Y. (2003). Secure Interoperability between Cooperating XML Systems by Dynamic Role Translation. In: MaÅ™Ãk, V., Retschitzegger, W., Å tÄ›pánková, O. (eds) Database and Expert Systems Applications. DEXA 2003. Lecture Notes in Computer Science, vol 2736. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45227-0_84
Download citation
DOI: https://doi.org/10.1007/978-3-540-45227-0_84
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40806-2
Online ISBN: 978-3-540-45227-0
eBook Packages: Springer Book Archive