Abstract
Since XML became the core meta language for many data formats, we need a fine-grained access control model for XML to protect sensitive information carried by XML elements or by relationships between these elements. Several models have already been suggested, but we claim that none of them is sufficiently expressive to properly express some basic security requirements, especially those related to entity relationships protection. To cope with these limitations, we suggest to structure the access control policy using the new concept of block. This is used to hide relationships between nodes selected in different blocks. It provides means to specify confidentiality restriction associated with some relationships. An access control model, called XML-BB (XML Block Based Access Control), that includes this concept of block is presented and the implementation of this model is described.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bertino, E., Castano, S., Ferrari, E., Mesiti, M.: Specifying and Enforcing Access Control Policies for XML Document Sources. World Wide Web Journal (2000)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Securing XML Documents. In: Zaniolo, C., Grust, T., Scholl, M.H., Lockemann, P.C. (eds.) EDBT 2000. LNCS, vol. 1777, Springer, Heidelberg (2000)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: A Fine-Grained Access Control System for XML Documents. ACM Transactions on Information and System Security (TISSEC) (2002)
Gabillon, A., Bruno, E.: Regulating Access to XML documents. In: Fifteenth Annual IFIP WG 11.3 Working Conference on Database Security, Niagara on the Lake, Ontario, Canada (2001)
Gabillon, A.: An Authorization Model for XML DataBases. In: ACM Workshop on Secure Web Services, Fairfax, VA (2004)
Kudo, M., Hada, S.: XML Document Security Based on Provisional Authorisation. ACM Computer and Communications Security, Athens Greece (2000)
Finance, B., Medjdoub, S., Pucheral, P.: The case for access control on xml relationships. In: Proceedings of the, ACM CIKM International Conference on Information and Knowledge Management, pp. 107–114. ACM Press, New York (2005)
Brewer, D., Nash, M.: The Chinese wall security policy. In: IEEE Symposium on Security and Privacy, Oakland (1989)
Clark, J., DeRose, S.: XML Path Language (XPath) Version 1.0. Technical report, World Wide Web Consortium (W3C) (2000), http://www.w3c.org/TR/xpath
Cuppens, F., Cuppens-Boulahia, N., Sans, T.: Protection of Relationships in XML Documents with the XML-BB Model. In: Jajodia, S., Mazumdar, C. (eds.) ICISS 2005. LNCS, vol. 3803, pp. 148–163. Springer, Heidelberg (2005)
Laux, A., Martin, L.: XML Update (XUpdate) language. Technical report, XML:DB working draft (1999), http://www.xmldb.org/xupdate
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cuppens, F., Cuppens-Boulahia, N., Sans, T. (2007). XML-BB: A Model to Handle Relationships Protection in XML Documents. In: Apolloni, B., Howlett, R.J., Jain, L. (eds) Knowledge-Based Intelligent Information and Engineering Systems. KES 2007. Lecture Notes in Computer Science(), vol 4694. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74829-8_135
Download citation
DOI: https://doi.org/10.1007/978-3-540-74829-8_135
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74828-1
Online ISBN: 978-3-540-74829-8
eBook Packages: Computer ScienceComputer Science (R0)