EXTENSIBLE ACCESS CONTROL MODEL FOR XML DOCUMENT COLLECTIONS

Goran Sladić, Branko Milosavljević, Zora Konjović

Abstract

This paper presents the XXACF (eXtensible Role-Based XML Access Control Framework) framework for controlling access to XML documents in different environments. The proposed access control definition language and the corresponding software architecture are described. The framework enables defining access control policies on different priority and granularity levels. The XXACF enables the enforcement of access control for different operations on XML documents, as well as different ways of access control enforcement for the same operation. This framework’s configurability facilitates customization of particular implementations according to specific needs. Extensibility of XXACF framework is achieved by the possibility of extending the core functionality for specific requirements and also the addition of the new modules for context-sensitive access control.

References

  1. Ferraiolo, D. F., Kuhn D. R., Chandramouli, R., 2003. Role-Based Access Control, Artech House.
  2. Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R., 2001. Proposed NIST Standard for Role-Based Access Control. ACM Transactions Information and System Security, 4(3), pp. 224-274.
  3. Bhatti, R., Joshi, J.B.D., Bertino, E., Ghafoor, A., 2004. XML Based Specification for Web Services Document Security [Electronic version]. IEEE Computer Society Press, 37(4), pp. 41-49.
  4. Bhatti, R., Joshi, J.B., Bertino, E., Ghafoo, A., 2003. Access Control in Dynamic XML-Based WebServices with X-RBAC [Electronic version]. The First International Conference on Web Services, Las Vegas, USA.
  5. Botha, R.A., Eloff, J.H.P., 2001. An Access Control Architecture for XML Documents in Workflow Environments [Electronic version]. Proceedings of SAICSIT 2001, South African Computer Journal, 3.
  6. Botha, R.A., Eloff, J.H.P., 2001. A Framework for Access Control in Workflow Systems. Information Management and Computer Security, 9(3), pp 126- 133.
  7. Damiani, E., De Capitani Di Vimercati, S., Paraboschi, S., Samarati, P., 2000. Securing XML documents [Electronic version]. Proceedings of the 7th International Conference on Extending Database Technology, Konstanz, Germany, pp. 121-135.
  8. Damiani, E., de Capitani di Vimercati, S., Paraboschi, S., Samarati, P., 2002. A Fine Grained Access Control System for XML Documents. ACM Transactions on Information and System Security, 5(2), pp. 169-202.
  9. Bertino, E., Castano, S., Ferrari, E., 2001. Securing XML Documents with Author-X. IEEE Internet Computing 5(3), pp. 21-31.
  10. Bertino, E., Ferrari, E., 2002. Secure and Selective Dissemination of XML Documents. ACM Transactions Information and System Security, 5(3). pp. 290-331.
  11. Hada, S., Kudo, M., 2002. XML Access Control Language. Retrieved January 10. 2006, from http://www.trl.ibm.com/projects/xml/xss4j/docs/xaclspec.html.
  12. Stallings, W., 1998. Cryptography and Network Security: Principles and Practice, Prentice Hall.
  13. Schneier, B., 1996. Applied Cryptography, John Wiley.
  14. XML Encryption Syntax and Processing. Retrieved June 10. 2005, from http://www.w3.org/TR/xmlenc-core.
Download


Paper Citation


in Harvard Style

Sladić G., Milosavljević B. and Konjović Z. (2007). EXTENSIBLE ACCESS CONTROL MODEL FOR XML DOCUMENT COLLECTIONS . In Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007) ISBN 978-989-8111-12-8, pages 373-380. DOI: 10.5220/0002117203730380


in Bibtex Style

@conference{secrypt07,
author={Goran Sladić and Branko Milosavljević and Zora Konjović},
title={EXTENSIBLE ACCESS CONTROL MODEL FOR XML DOCUMENT COLLECTIONS},
booktitle={Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)},
year={2007},
pages={373-380},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002117203730380},
isbn={978-989-8111-12-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)
TI - EXTENSIBLE ACCESS CONTROL MODEL FOR XML DOCUMENT COLLECTIONS
SN - 978-989-8111-12-8
AU - Sladić G.
AU - Milosavljević B.
AU - Konjović Z.
PY - 2007
SP - 373
EP - 380
DO - 10.5220/0002117203730380