
Access control for web data: models and policy languages

Contrôle D’Accès pour Données de la Toile : Modèles et Langages de Règles

Annales Des Télécommunications

Abstract

The web has made an enormous amount of information easily available in digital form and has facilitated the exchange of such information. In this environment, access control is a primary concern. The key issue is how to trade off maximizing the sharing of information against enforcing controlled access to web data. In this paper we start by outlining the main access control requirements of web data. Then, we review research carried out in the field, focusing mainly on XML. Finally, we discuss policy languages for the semantic web and outline the main research directions in this field.

Résumé

The World Wide Web has made an enormous amount of information available in digital form and has facilitated the exchange of this information. Access control is therefore essential. The main problem is to find a compromise between maximizing the sharing of information and strengthening control over access to web data. The article begins by outlining the main requirements of such access control. It then reviews the research undertaken in this field, with emphasis on the use of XML. Finally, it discusses rule languages for the semantic web and points to research directions in this field.




Cite this article

Carminati, B., Ferrari, E. & Thuraisingham, B. Access control for web data: models and policy languages. Ann. Télécommun. 61, 245–266 (2006). https://doi.org/10.1007/BF03219908


  • DOI: https://doi.org/10.1007/BF03219908
