Abstract
The web has made an enormous amount of information easily available in digital form and has facilitated the exchange of such information. In this environment, access control is a primary concern. The key issue is how to balance maximizing the sharing of information against enforcing controlled access to web data. In this paper we start by outlining the main access control requirements of web data. Then, we review research carried out in the field, focusing mainly on XML. Finally, we discuss policy languages for the semantic web and outline the main research directions in this field.
Résumé (translated from French)
The World Wide Web has made an enormous amount of information available in digital form and has facilitated the exchange of this information. Access control is therefore essential. The main problem is to find a compromise between maximizing the sharing of information and strengthening control over access to web data. The article begins by outlining the main requirements of such access control. It then reviews the research undertaken in this field, with an emphasis on the use of XML. Finally, it discusses rule languages for the semantic web and points to research directions in this field.
Cite this article
Carminati, B., Ferrari, E. & Thuraisingham, B. Access control for web data: models and policy languages. Ann. Télécommun. 61, 245–266 (2006). https://doi.org/10.1007/BF03219908
DOI: https://doi.org/10.1007/BF03219908