Skip to main content
SpringerLink
Log in
Book cover

International Conference on Distributed Computing and Internet Technology

ICDCIT 2007: Distributed Computing and Internet Technology pp 116–128Cite as

Hasslefree: Simplified Access Control Management for XML Documents

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4882))

Abstract

In this article we propose an approach which simplifies the task of DBAs in specifying the access constraints on a XML document. In the proposed methodology, for enforcing a security policy on a XML document, the DBA has to specify access constraints in terms of easy to understand Declarative Access Control Specification (DACS) language primitives. Once the constraints are specified, their corresponding security views are generated by the proposed implemented system. A working prototype based on above approach is also presented.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Berglund, A., Boag, S., Chamberlin, D., Robie, J., Fernndez, M.F., Kay, M., Simon, J.: Xml path language(xpath) version 2.0. W3C Recommendation (2007), see http://www.w3.org/tr/xpath20

  2. Bertino, E., Castano, S., Ferrari, E.: Securing xml documents with author-x. In: IEEE Internet Computing, pp. 21–31. IEEE, Los Alamitos (2001)

    Google Scholar 

  3. Bertino, E., Ferrari, E.: Secure and selective dissemination of xml documents. ACM Trans. Inf. Syst. Secur. 5(3), 290–331 (2002)

    Article  Google Scholar 

  4. Bertino, E., Sandhu, R.: Database security-concepts, approaches, and challenges. IEEE Trans. Dependable Secur. Comput. 2(1), 2–19 (2005)

    Article  Google Scholar 

  5. Fan, W., Chan, C.-Y., Garofalakis, M.: Secure xml querying with security views. In: SIGMOD 2004. Proceedings of the 2004 ACM SIGMOD international conference on Management of data, pp. 587–598. ACM Press, New York (2004)

    Chapter  Google Scholar 

  6. Finance, A., Medjdoub, S., Pucheral, P.: The case for access control on xml relationships. In: CIKM 2005. Proceedings of the 14th ACM international conference on Information and knowledge management, pp. 107–114. ACM Press, New York (2005)

    Chapter  Google Scholar 

  7. Fundulaki, I., Marx, M.: Specifying access control policies for xml documents with xpath. In: SACMAT 2004. Proceedings of the ninth ACM symposium on Access control models and technologies, pp. 61–69. ACM Press, New York (2004)

    Chapter  Google Scholar 

  8. Gabillon, A., Bruno, E.: Regulating access to xml documents. In: Das 2001. Proceedings of the fifteenth annual working conference on Database and application security, Norwell, MA, USA, pp. 299–314. Kluwer Academic Publishers, Dordrecht (2002)

    Google Scholar 

  9. Kitagawa, N., Yoshikawa, M.: A study on efficient access control for xml ducuments. In: ICDEW 2005. Proceedings of the 21st International Conference on Data Engineering Workshops, p. 1230. IEEE Computer Society, Washington, DC, USA (2005)

    Chapter  Google Scholar 

  10. Kudo, M., Hada, S.: Xml document security based on provisional authorization. In: CCS 2000. Proceedings of the 7th ACM conference on Computer and communications security, pp. 87–96. ACM Press, New York (2000)

    Chapter  Google Scholar 

  11. Matheus, A.: How to declare access control policies for xml structured information objects using oasis’ extensible access control markup language (xacml). In: HICSS 2005. Proceedings of the 38th Hawaii International Conference on System Sciences (2005)

    Google Scholar 

  12. Miklau, G., Suciu, D.: Controlling access to published data using cryptography. In: VLDB 2003. Proceedings of the 29th international conference on Very large data bases, pp. 898–909 (2004)

    Google Scholar 

  13. Mohan, S., Klinginsmith, J., Sengupta, A., Wu, Y.: Acxess - access control for xml with enhanced security specifications. In: ICDE 2006. Proceedings of the 2006 International Conference on Data Engineering, p. 171 (2006)

    Google Scholar 

  14. Mohan, S., Sengupta, A., Wu, Y.: Access control for xml: a dynamic query rewriting approach. In: CIKM 2005. Proceedings of the 14th ACM international conference on Information and knowledge management, pp. 251–252. ACM Press, New York (2005)

    Chapter  Google Scholar 

  15. Mohan, S., Wu, Y.: Ipac: an interactive approach to access control for semi-structured data. In: VLDB’2006: Proceedings of the 32nd international conference on Very large data bases, VLDB Endowment, pp. 1147–1150 (2006)

    Google Scholar 

  16. Murata, M., Tozawa, A., Kudo, M., Hada, S.: Xml access control using static analysis. In: CCS 2003. Proceedings of the 10th ACM conference on Computer and communications security, pp. 73–84. ACM Press, New York (2003)

    Chapter  Google Scholar 

  17. Qi, N., Kudo, M., Myllymaki, J., Pirahesh, H.: A function-based access control model for xml databases. In: CIKM 2005. Proceedings of the 14th ACM international conference on Information and knowledge management, pp. 115–122. ACM Press, New York (2005)

    Chapter  Google Scholar 

  18. Steele, R., Gardner, W., Dillion, T.S., Eradi, A.: Xml-based declarative access control. In: Vojtáš, P., Bieliková, M., Charron-Bost, B., Sýkora, O. (eds.) SOFSEM 2005. LNCS, vol. 3381, pp. 310–319. Springer, Heidelberg (2005)

    Google Scholar 

  19. Tripathi., A.: Hasslefree: Simplified access control management for xml documents. Master’s Thesis: Department of Computer Science and Engineering, Motilal Nehru National Institute of Techology, Allahabad, Uttar Pradesh, India (2007)

    Google Scholar 

  20. Wang, J., Osborn, S.L.: A role-based approach to access control for xml databases. In: SACMAT 2004. Proceedings of the ninth ACM symposium on Access control models and technologies, pp. 70–77. ACM Press, New York (2004)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. IBM Global Services(India) Ltd, Gurgaon, India

    Ashish Tripathi

  2. Department of Computer Science and Engineering, Motilal Nehru National Institute of Technology, Allahabad, India

    M. M. Gore

Authors
  1. Ashish Tripathi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. M. M. Gore
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Tomasz Janowski Hrushikesha Mohanty

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tripathi, A., Gore, M.M. (2007). Hasslefree: Simplified Access Control Management for XML Documents. In: Janowski, T., Mohanty, H. (eds) Distributed Computing and Internet Technology. ICDCIT 2007. Lecture Notes in Computer Science, vol 4882. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77115-9_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77115-9_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77112-8

  • Online ISBN: 978-3-540-77115-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation