Static Verification of Access Control Model for AXML Documents

Kim, Il-Gon

doi:10.1007/978-3-540-72524-4_71

Il-Gon Kim¹

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4505))

Included in the following conference series:

1128 Accesses

Abstract

Reasoning about the access control model for AXML documents is a non-trivial topic because of its own challenging issues: the hierarchical nature of XML with embedded service call and query transformation. In this paper, we present a methodology to specify an access control model (GUP^ster) for AXML (Active XML) documents by translating a query, schema, and access control policy in CSP language. Then, we show how to verify access control policies of AXML documents, by illustrating the running example, with the FDR model checker. Finally, the examples demonstrate that our automated static verification is efficient to analyze security problems, not only whether the policies give legitimate users enough permissions to read data, but also whether the policies prevent unauthorized users from reading sensitive data.

This work was supported by the INRIA projects ARC-ASAX.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 84.99; Price excludes VAT (USA)

Softcover Book: USD 109.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Abiteboul, S., Alxe, B., Benjelloun, O., Cautis, B., Fundulaki, I., Milo, T., Sahuguet, A.: An Electronic Patient Record ”On Steroids”: Distributed, Peer-to-Peer, Secure and Privacy-conscious. In: Proceedings of VLDB Conference (2004)
Google Scholar
Bryans, J.: Reasoning about XACML policies using CSP. In: Proceedings of SWS Workshop, pp. 28–35 (2005)
Google Scholar
Active XML (AXML) Home Page (2004), http://activexml.net
E. Damiani. S. De Capitani di Vimercati, S. Paraboschi, and P. Samarati. “A Fine-Grained Access Control System for XML Documents”, TISSEC, 5(2):169-202, 2002.
Article Google Scholar
Formal Systems Ltd. FDR2 User Manual (Aug. 1999)
Google Scholar
Gabillion, A., Bruno, E.: Regulating Access to XML Documents. In: Proceedings of Working Conference on Database and Application Security (2001)
Google Scholar
Godik, S., Moses, T.: eXtensible Access Control Markup Language(XACML) version 1.0. Technical Report, OASIS (2003)
Google Scholar
Murata, M., Tozawa, A., Kudo, M.: XML Access Control Using Static Analysis. In: Proceedings of CCS Conference, pp. 73–84 (2002)
Google Scholar
Roscoe, A.W.: The Theory and Practice of Concurrency. Prentice-Hall, Englewood Cliffs (1997)
Google Scholar
Sahuguet, A., Hull, R., Lieuwen, D.F., Xiong, M.: Enter Once, Share Everywhere: User Profile Management in Converged Networks. In: Proceedings of CIDR Conference (2003)
Google Scholar

Download references

Author information

Authors and Affiliations

Korea Information Security Agency, 78, Garak-Dong, Songpa-Gu, Seoul,138-803, Korea
Il-Gon Kim

Authors

Il-Gon Kim
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Guozhu Dong Xuemin Lin Wei Wang Yun Yang Jeffrey Xu Yu

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Kim, IG. (2007). Static Verification of Access Control Model for AXML Documents . In: Dong, G., Lin, X., Wang, W., Yang, Y., Yu, J.X. (eds) Advances in Data and Web Management. APWeb WAIM 2007 2007. Lecture Notes in Computer Science, vol 4505. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72524-4_71

Download citation

DOI: https://doi.org/10.1007/978-3-540-72524-4_71
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72483-4
Online ISBN: 978-3-540-72524-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics