The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Derived access control specification for XML

Download

Download PDF Document
PDF

Author

Christopher Clifton

Tech report number

CERIAS TR 2003-48

Entry type

conference

Abstract

The growth in interchange of business and other sensitive data has led to increasing interest in access control. While broad-based access control may be adequate for library-style document bases, new applications demand different access rights on different documents, or different parts of a document. Methods have been developed that enforce fine-grained access control in XML, but the administrative complexity of hard-coding rules is still a challenge. We present an XQuery-based approach for deriving access control rules from schemalevel rules, document or database content, or rules on other documents. This approach provides a novel capability to exploit non-structural information in broadly-applicable rules, making it feasible to specify data- and context-dependent rules for large document sets.

Download

PDF

Date

2003 – 10

URL

http://portal.acm.org/citation.cfm?doid=968559.968561

Address

Fairfax, Virgina

Key alpha

Clifton

Note

Workshop on XML Security held in association with the 10th ACM Conference on Computer and Communications Security October 31, 2003 in Fairfax, Virgina

Publication Date

2003-10-01

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.