Wei Sun,Da-xin Liu,Tong Wang

DOI: https://doi.org/10.1007/11599517_64

2005-01-01

Abstract:As large corporations and organizations increasingly exploit the Internet as a means of improving business-transaction efficiency and productivity, it is increasingly common to find operational data and other business information in XML format. Access control for XML database is non-trivial subjects. A number of recent research efforts have considered access control models for XML data[1−5]. Our first contribution is a novel model for specifying XML security access control. Given an XML document accompanied by a document DTD, we allow a two-stage access control policies to pledge to security access XML document at file-level and element-level respectively. On the element-level access control, our approach for these access control policies is based on the novel notion of hide-node views. While the hide-node view DTD is exposed to authorized users, neither the internal XPath annotations nor the full document DTD is visible. Authorized users can only operate data over the hide-node view, making use of the exposed view DTD to access data. Our hide-node view mechanism guarantees that unauthorized user cannot access sensitive data and protects the schema information from access by unauthorized users. We think that the schema information also is sensitive data and should be protected from gain through the data accessing.

Huanming Zhang,Quanlong Guan,Weiqi Luo

DOI: https://doi.org/10.14257/ijsia.2015.9.7.16

2015-01-01

Abstract:XML, the Extensible Markup Language, had become an important tool for both storage and exchange of data.As the applied areas of XML had been widen gradually, the security problems of XML became a main concern.Hence, the study of access control using XML had been an important topic of security study of XML nowadays.In this paper, we would first made a brief introduction of access control using XML, and some requirements of XML access control would be included.After that, we would give a detail presentation of an access control model using XML, and point out the most significant feature of it.Finally, we analyzed the direction and difficulty in the study of access control using XML, and then illustrate the practical significance of the study.

HONG Fan,FENG Xue-bin,HUANG Zhi,ZHENG Ming-hui,洪帆,冯学斌,黄志,郑明辉

2008-01-01

Abstract:XML's increasing popularity highlights the security demand for XML documents.A mandatory access control model for XML document is presented on the basis of investigation of the function dependency of XML documents and discussion of the integrity properties of multilevel XML document.Then,the algorithms for decomposition/recovery multilevel XML document into/from single level document are given,and the manipulation rules for typical operations of XQuery and XUpdate:QUERY,INSERT,UPDATE,and REMOVE,are elaborated.The multilevel XML document access model can meet the requirement of sensitive information processing application.

冯学斌,洪帆,汤学明,崔永泉

2009-01-01

Abstract:XML's increasing popularity highlights the security need for XML documents.Researchers have paid more attention on discretional access control,role-based access control and view based technology,rather than mandatory access control.A improved mandatory access control model for XML is presented in the paper.The integrity properties for multilevel XML document are proposed in the paper.A novel approach delayed-removing is introduced in order to avoid covert channel.In the paper,the manipulation rules for typical operation of XQuery and XUpdate are created,and the security of the model is discussed.

FENG Xue-Bin,HONG Fan

DOI: https://doi.org/10.3969/j.issn.1002-137X.2007.10.039

2007-01-01

Computer Science

Abstract:XML database are playing increasingly important role in Web applications.Researchers of XML database se- curity have paid more attention on discretional access control and role-based access control,rather than mandatory ac- cess control which are required by the top security applications.A mandatory access control model for XML database which supports polyinstantiation by using resolving and composing algorithm in syntax level is proposed in paper.The architecture and the security are also discussed in the paper.

Tao Peng,Jiang Minghua,Hu Ming

2008-01-01

Abstract:Nowaday, the status of XML as a standard for storing and exchanging data in Internet and XML documents is becoming a de facto standard for storing and exchanging information. So, access control of XML documents is a key in network environment. In this paper, we propose an approach that exploits the semantics associated with subject and information in XML documents to facilitate automatic access control policies while resource sharing occurs among coalition members. Our approach relies on identifying the necessary attributes required by users to gain access to specific XML documents information. Specifically, it consists of extracting user attribute sets that semantically mach with the attributes of the information in XML documents. This relies on a closer examination of why a user is assigned a specific role.

Huanming Zhang,Quanlong Guan,Weiqi Luo

DOI: https://doi.org/10.14257/astl.2015.111.15

2015-01-01

Abstract:XML, the Extensible Markup Language, had become an important tool for both storage and exchange of data. In this paper, we would first made a brief introduction of access control using XML, and some requirements of XML access control would be included. Finally, we analyzed the direction and difficulty in the study of access control using XML, and then illustrate the practical significance of the study.

Wenfei Fan,Irini Fundulaki,Floris Geerts,Xibei Jia,Anastasios Kementsietsidis

2006-01-01

Abstract:As science communities and commercial organisations increasingly exploit XML as a means of exchanging and disseminating information, the selective exposure of information in XML has become an important issue. In this paper we present a novel XML security framework developed to enforce a generic, flexible access-control mechanism for XML data management, which supports efficient and secure query access, without revealing sensitive information to unauthorized users. Major components underlying the framework are discussed and the current status of a reference implemenation is reported.

Dong-Zhan Zhang,Yong-Sheng Xue

DOI: https://doi.org/10.1007/11596370_37

2005-01-01

Abstract:More and more information is distributed in XML format. Information stored in XML documents should be protected by access control policy. An extended MAC model for XML is presented. The subject and object are discussed at first. The labeled XML document model, which includes three rules and one algorithm, is presented allowing for definition and enforcement of access restrictions directly on the structure and content of XML documents. The extended MAC model for XML documents is described in detail by discussing four operations on XML documents. The architecture and some mechanisms used to implement the model are discussed at last.

CHEN Chuan-bo,PENG Chao-yi

DOI: https://doi.org/10.3969/j.issn.1007-130x.2008.01.011

2008-01-01

Abstract:Since XML is widely used nowadays,the need to provide controlled access to such information is imminent.The incredible amount of heterogeneous users on the Web also increases the difficulty of the authorization management.Based on the security feature of XML documents,we presents a credential-based XML access control model and its XML-based policy specification.Finally,we discuss the implementation of the model.

Yu Ruiping,Liu Xiaoxia,Xie Qianru,Zhang Ming

DOI: https://doi.org/10.3969/j.issn.1000-386X.2008.03.028

2008-01-01

Abstract:DBLP(Dynamic Bell-La Padula) model is presented on the basis of BLP model.The dynamic change of secure grade of objects is considered,and the arithmetic for the change is described in DBLP model.The model is used for access control XML documents,and some typical operations for XML documents are discussed.The available system architecture for implementation is introduced,and some affects are pointed out.

De-zhi XU,T.Haider

DOI: https://doi.org/10.3969/j.issn.1006-8937-B.2005.09.004

2005-01-01

Abstract:As the standard of information representation, transfer, and storage on the Web, XML has been used more and more widely. Using XML to represent data's access control will bring more flexibleness and operation on the system applicat ion. This paper puts forward an approach for the data's access control, which is based on XML data encryption and the technology of accessing of relation table is referred to the control rules of data accessing.

Shao-hua TANG

DOI: https://doi.org/10.3969/j.issn.1000-1220.2005.03.025

2005-01-01

Abstract:An authorization and access control model for XML documents is proposed in this paper. The model consists of subject, object, security rules and access control algorithm. The subject is the user or the user group. The object is the protected object. The security rules are used to specify the users privileges to the XML document. The access control algorithm is used to conduct XML document protection according to the security rules. The protection objects of our model can the schema of the XML documents or the instance of the schema. The protection granularity specified by the security rules can be based on document tree structure or based on content. Some concepts, such as authorization conflict, are explained, and the conflict resolution strategy based on the highest priority principle in proposed, which is effective and makes the semantics of authorization rules unique. The access control algorithm is implemented in Java, and SOAP is adopted as communication mechanism, which makes it easier to integrate with other systems. XML is widely used in e-business, so the model in this paper will surely have considerable significant on e-business.

Li Lan,Dan Feng

2004-01-01

Journal of Software

Abstract:Information stored in XML documents should be protected by access control policy. Current access control models for XML documents are all based on DAC (discretionary access control) or RBAC (role-based access control). High security system uses MAC (mandatory access control) to secure information in system. XML document model is extended to include label information in this paper, and some rules that the extended model has to satisfy with are presented. Fine-grained MAC model for XML documents is described in detail by discussing four operations on XML documents. The fine-grained MAC model is based on XML schema, and its finest granularity of access control is element or attribute. The architecture and some mechanisms used to implement the fine-grained MAC model are discussed too.

Zhang Wan-song,Sun Wei,Liu Da-xin

DOI: https://doi.org/10.1007/BF02828672

2005-01-01

Wuhan University Journal of Natural Sciences

Abstract:In order to cope with varying protection granularity levels of XML (eXtensible Markup Language) documents, we propose a TXAC (Two-level XML Access Control) framework, in which an extended TRBAC (Temporal Role-Based Access Control) approach is proposed to deal with the dynamic XML data. With different system components, TXAC algorithm evaluates access requests efficiently by appropriate access control policy in dynamic web environment. The method is a flexible and powerful security system offering a multi-level access control solution.

Ws Zhang,Dx Liu

2004-01-01

Abstract:With the growing popularity of Internet, more and more applications use XML(eXtensible Markup Language) as data exchange format for document communications. And there comes a need for collaboration over network. Cooperation between different parties involves operations on shared XML data in XML warehouse. Security is one of the most important aspects of the XML warehouse. It must be well managed under the access control method. Even though there are some traditional access control models, with many different aspects from normal documents, a new method to perform access control to XML warehouse is necessary. In this paper, we proposed TXAC (Two-level XML Access Control) framework, which includes the TRBAC (Temporal Role Based Access Control Component) and the ELAC (Element Level Access Control) Component as a solution of access control on XML warehouse. In particular, TXAC allows (i) setoriented authorization at file-level, by supported with X-Collection component; (ii) collaboration between TRBAC and ELAC component, by enforcing different level granularity and time constrain. Companied with access control checking algorithms, TXAC can deal with outside access request efficiently. Furthermore, the overall architecture of the TXAC and implementation are described in detail.

Zhang Dongzhan,Guo Youxian,Wu Yashuang

2008-01-01

Abstract:Extensible markup language (XML) is a promising standard for describing structured information and contents on the Internet. Information stored in XML documents should be protected by access control policy. High security system uses mandatory access control to secure information in system. A XML Oriented Mandatory Access Control Based on Hierarchy Security Labels is presented, which is focused on enforcing and resolving fine grained authorizations with respect to the XML data model and semantics. The XML documents are labeled by three rules and one algorithm, allowing for definition and enforcement of access restrictions directly on the structure and content of XML documents. The fine-grained access control model is described in detail by discussing four operations on XML documents. The architecture and some mechanisms used to implement the model are discussed at last. The result is a flexible and powerful security system offering a simple integration with current solutions.

Tao Peng,Minghua Jiang,Ming Hu

DOI: https://doi.org/10.4028/www.scientific.net/amr.121-122.558

2010-01-01

Advanced Materials Research

Abstract:A multi-polices access control model is proposed, with the model, access control based on policy regulation and XML based policy description is given. At the same time, We use the XSD(XML Schema Definition) to describe the content and the structure of the xml documents, and check the validity of the xml documents. Based on the description of the access control, an application system is realized we construct the runtime platform and choose some access control polices to test our system. The result is well.

Zhang Wan-song,Wei Sun,Liu Da-xin

DOI: https://doi.org/10.1007/bf02828672

2005-01-01

Wuhan University Journal of Natural Sciences

Abstract:In order to cope with varying protection granularity levels of XML (eXtensible Markup Language) documents, we propose a TXAC (Two-level XML Access Control) framework, in which an extended TRBAC (Temporal Role-Based Access Control) approach is proposed to deal with the dynamic XML data. With different system components, TXAC algorithm evaluates access requests efficiently by appropriate access control policy in dynamic web environment. The method is a flexible and powerful security system offering a multi-level access control solution.

MENGXiao-feng,LUODao-feng,OUJian-bo

2004-01-01

Abstract:As XML has been increasingly important as the Data-change format of Internet and Intranet, acces-controlon-XML-properties rises as a new issue. Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years. Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties. This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.