CH Fang,W Peng,XZ Ye,SY Zhang

DOI: https://doi.org/10.1109/cscwd.2005.194248

2007-01-01

Journal of Software

Abstract:Access control is one of the key steps to ensuring the availability, confidentiality and integrity of system resources. While it has been fully applied in various network systems, it's still relatively new for collaborative CAD. This paper provides a new framework of multi-level access control for collaborative CAD based on hierarchical product modeling. A layered privilege model (LPM) has been developed to provide multi-granularity access permissions in the part level and feature level. An extended hierarchy role-based access control (EHRBAC) is implemented, integrated with LPM and common Hierarchy RBAC, to provide hierarchical access control of collaborative feature modeling in the component/part level and design feature level. Mesh simplification techniques are used to create variable level-of-detail for individual features.

Zhang Wan-song,Sun Wei,Liu Da-xin

DOI: https://doi.org/10.1007/BF02828672

2005-01-01

Wuhan University Journal of Natural Sciences

Abstract:In order to cope with varying protection granularity levels of XML (eXtensible Markup Language) documents, we propose a TXAC (Two-level XML Access Control) framework, in which an extended TRBAC (Temporal Role-Based Access Control) approach is proposed to deal with the dynamic XML data. With different system components, TXAC algorithm evaluates access requests efficiently by appropriate access control policy in dynamic web environment. The method is a flexible and powerful security system offering a multi-level access control solution.

Zhang Wan-song,Wei Sun,Liu Da-xin

DOI: https://doi.org/10.1007/bf02828672

2005-01-01

Wuhan University Journal of Natural Sciences

Abstract:In order to cope with varying protection granularity levels of XML (eXtensible Markup Language) documents, we propose a TXAC (Two-level XML Access Control) framework, in which an extended TRBAC (Temporal Role-Based Access Control) approach is proposed to deal with the dynamic XML data. With different system components, TXAC algorithm evaluates access requests efficiently by appropriate access control policy in dynamic web environment. The method is a flexible and powerful security system offering a multi-level access control solution.

Wei Sun,Da-xin Liu,Tong Wang

DOI: https://doi.org/10.1007/11610496_109

2006-01-01

Abstract:XML becomes a standard format for data interchanges on Internet, especially in E-commerce. Although XML technology has been widely used, the research and development on XML security is still at the early stage. The control of XML access is important for protecting XML documents from being illegally modified or accessed. Most of available models utilize a single level check point. In this paper, we proposed an access control model with dual level access control: file-level and element-level (or attribute-level). The model allows adopt the XBLP policy with file-level security, while employs Hide-Node View for element-level security. The architecture framework of the access control model and implementation are briefly described.

LI Jinyan,YU Zhonghua

DOI: https://doi.org/10.13196/j.cims.2017.06.009

2017-01-01

Abstract:With gradual improvement of collaborative manufacturing mode,the played an important role for the adjustment of organizational structure and business process reengineering.How to balance the To solve the problem that collaboration oriented flexible workflow should combine flexibility and security in dynamic environment,according to the characteristics of collaborative,the concept of team was introduced based on the hierarchical authorization management to realize the combination of role-based static authorization and task-based dynamic control,and a novel access control model was proposed for cooperation-oriented flexible workflow.As for the potential conflict of constraints at different levels due to the flexibility and cooperation,task-based separation of duty was provided,so as to better solve the problem of information security and access control for flexible workflow in dynamic environment.

Wei Sun,Da-xin Liu,Tong Wang

DOI: https://doi.org/10.1007/11599517_64

2005-01-01

Abstract:As large corporations and organizations increasingly exploit the Internet as a means of improving business-transaction efficiency and productivity, it is increasingly common to find operational data and other business information in XML format. Access control for XML database is non-trivial subjects. A number of recent research efforts have considered access control models for XML data[1−5]. Our first contribution is a novel model for specifying XML security access control. Given an XML document accompanied by a document DTD, we allow a two-stage access control policies to pledge to security access XML document at file-level and element-level respectively. On the element-level access control, our approach for these access control policies is based on the novel notion of hide-node views. While the hide-node view DTD is exposed to authorized users, neither the internal XPath annotations nor the full document DTD is visible. Authorized users can only operate data over the hide-node view, making use of the exposed view DTD to access data. Our hide-node view mechanism guarantees that unauthorized user cannot access sensitive data and protects the schema information from access by unauthorized users. We think that the schema information also is sensitive data and should be protected from gain through the data accessing.

MENGXiao-feng,LUODao-feng,OUJian-bo

2004-01-01

Abstract:As XML has been increasingly important as the Data-change format of Internet and Intranet, acces-controlon-XML-properties rises as a new issue. Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years. Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties. This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

Tao Peng,Minghua Jiang,Ming Hu

DOI: https://doi.org/10.1109/iih-msp.2008.310

2008-01-01

Abstract:In a dynamic coalition environment, organizations should be able to exercise their own local fine-grained access control policies while sharing resources with external entities. At the same time, the status of XML as a standard for storing and exchanging data in Internet and XML documents is becoming a de facto standard for storing and exchanging information. So, access control of XML documents is a key in dynamic coalition environment. In this paper, we propose an approach that exploits the semantics associated with subject and information in XML documents to facilitate automatic access control policies while resource sharing occurs among coalition members. Our approach relies on identifying the necessary attributes required by users to gain access to specific XML documents information. Specifically, it consists of extracting user attribute sets that semantically mach with the attributes of the information in XML documents. This relies on a closer examination of why a user is assigned a specific role.

Meng Xiao-feng,Luo Dao-feng,Ou Jian-bo

DOI: https://doi.org/10.1007/BF02831673

2004-01-01

Wuhan University Journal of Natural Sciences

Abstract:As XML has been increasingly important as the Data-change format of Internet and Intranet, access-control-on-XML-properties rises as a new issue. Role-based access control (RBAC) is an access control method that has been widely used in Internet, Operation System and Relation Data Base these 10 years. Though RBAC is already relatively mature in the above fields, new problems occur when it is used in XML properties. This paper proposes an integrated model to resolve these problems, after the fully analysis on the features of XML and RBAC.

高亮,张斌,蔡力钢,刘向军

DOI: https://doi.org/10.3969/j.issn.1001-3695.2004.08.035

2004-01-01

Abstract:Effective control of access for resource is key to make users work collaboratively.It is also important to ensure information security.Having analyzed traditional access control technologies,a new access control model,eXtensible Access Control Model (XACM),is proposed in this paper.An extensible access control system based on XACM is successfully implemented for control of access to information in Tongda Group's workflow-based office automation system.It proves the characteristics of XACM such as flexibility and generalization.

HONG Fan,FENG Xue-bin,HUANG Zhi,ZHENG Ming-hui,洪帆,冯学斌,黄志,郑明辉

2008-01-01

Abstract:XML's increasing popularity highlights the security demand for XML documents.A mandatory access control model for XML document is presented on the basis of investigation of the function dependency of XML documents and discussion of the integrity properties of multilevel XML document.Then,the algorithms for decomposition/recovery multilevel XML document into/from single level document are given,and the manipulation rules for typical operations of XQuery and XUpdate:QUERY,INSERT,UPDATE,and REMOVE,are elaborated.The multilevel XML document access model can meet the requirement of sensitive information processing application.

Xiaoxia Liu

2009-01-01

Abstract:To solve the problem focuments of repetitive labeling process and Document Type Definition(DTD) verification process executed by the eXtensible Markup Language(XML) access control system for update operators,action type is defined. Using these action types,user queries are distinguished semantically and unnecessary queries are filtered out at the early stage,so memory and other system resources used in Document Object Model(DOM) -based DTD verification process and labeling process can be saved. The proposed access control technique shows better performance in an environment where update queries occur frequently after compared with existing one.

FENG Xue-Bin,HONG Fan

DOI: https://doi.org/10.3969/j.issn.1002-137X.2007.10.039

2007-01-01

Computer Science

Abstract:XML database are playing increasingly important role in Web applications.Researchers of XML database se- curity have paid more attention on discretional access control and role-based access control,rather than mandatory ac- cess control which are required by the top security applications.A mandatory access control model for XML database which supports polyinstantiation by using resolving and composing algorithm in syntax level is proposed in paper.The architecture and the security are also discussed in the paper.

徐晓春,陆松年,杨树堂,蒋兴浩

DOI: https://doi.org/10.3969/j.issn.1000-3428.2004.05.028

2004-01-01

Abstract:One of the most important features of XML Web services is that they can easily accessed over the Internet. But the downside of this easiness is that security is compromised. This paper presents an access control system for Web Services. It uses XACML for the description of access control criteria based on the use of attribute certificate. The system takes full advantage of XML-enabled feature of Web Services and XACML access control decision model. Furthermore, the integration of privilege management infrastructure and XACML makes this system suitable for heterogeneous Web services.

Huanming Zhang,Quanlong Guan,Weiqi Luo

DOI: https://doi.org/10.14257/ijsia.2015.9.7.16

2015-01-01

Abstract:XML, the Extensible Markup Language, had become an important tool for both storage and exchange of data.As the applied areas of XML had been widen gradually, the security problems of XML became a main concern.Hence, the study of access control using XML had been an important topic of security study of XML nowadays.In this paper, we would first made a brief introduction of access control using XML, and some requirements of XML access control would be included.After that, we would give a detail presentation of an access control model using XML, and point out the most significant feature of it.Finally, we analyzed the direction and difficulty in the study of access control using XML, and then illustrate the practical significance of the study.

Shao-hua TANG

DOI: https://doi.org/10.3969/j.issn.1000-1220.2005.03.025

2005-01-01

Abstract:An authorization and access control model for XML documents is proposed in this paper. The model consists of subject, object, security rules and access control algorithm. The subject is the user or the user group. The object is the protected object. The security rules are used to specify the users privileges to the XML document. The access control algorithm is used to conduct XML document protection according to the security rules. The protection objects of our model can the schema of the XML documents or the instance of the schema. The protection granularity specified by the security rules can be based on document tree structure or based on content. Some concepts, such as authorization conflict, are explained, and the conflict resolution strategy based on the highest priority principle in proposed, which is effective and makes the semantics of authorization rules unique. The access control algorithm is implemented in Java, and SOAP is adopted as communication mechanism, which makes it easier to integrate with other systems. XML is widely used in e-business, so the model in this paper will surely have considerable significant on e-business.

LI Bo,HUANG Dong-jun

DOI: https://doi.org/10.3969/j.issn.1006-8937-B.2006.04.001

2006-01-01

Abstract:The paper analyzes and compares several primary ways to distribute privileges during the current design process of access system such as Discretionary Access Control(DAC), Mandatory Access Control (MAC) and Role-Based Access Control (RBAC), points out their respective characteristics and limitations of their applicability. By taking the new characteristics of modern enterprise management into consideration and combining with the existing access control model, the authors discuss the access control technology of the multi-users information system, present and realize the security control model based on role level, department level and user level in the application. Practical application makes clear that it enhances the security and maintainability of information system.

Huanming Zhang,Quanlong Guan,Weiqi Luo

DOI: https://doi.org/10.14257/astl.2015.111.15

2015-01-01

Abstract:XML, the Extensible Markup Language, had become an important tool for both storage and exchange of data. In this paper, we would first made a brief introduction of access control using XML, and some requirements of XML access control would be included. Finally, we analyzed the direction and difficulty in the study of access control using XML, and then illustrate the practical significance of the study.

Tao Peng,Jiang Minghua,Hu Ming

2008-01-01

Abstract:Nowaday, the status of XML as a standard for storing and exchanging data in Internet and XML documents is becoming a de facto standard for storing and exchanging information. So, access control of XML documents is a key in network environment. In this paper, we propose an approach that exploits the semantics associated with subject and information in XML documents to facilitate automatic access control policies while resource sharing occurs among coalition members. Our approach relies on identifying the necessary attributes required by users to gain access to specific XML documents information. Specifically, it consists of extracting user attribute sets that semantically mach with the attributes of the information in XML documents. This relies on a closer examination of why a user is assigned a specific role.

Xueqin Chen,Huizhong Wu,Yaoqin Zhu

DOI: https://doi.org/10.1109/ICSICT.2008.4734715

2008-01-01

Abstract:Recently, distributed computing technologies have developed rapidly, such as web services and other XML-based technologies. Information systems enter into a wide-area distributed computing environment. For web services based information systems, the separation between functions and resources enables reusability. However, it is difficult for traditional Access control models to deal with. The security of system encounters with challenges. This paper proposes a double access control model based on attributes to achieve the access control of system functions and resources. The access control decision of functions depends on subject attributes. The decision of resources relies on three attributes': subject attributes, resources attributes and environments attributes. Consistency of access controls between functions and resources is solved by subject's attributes certificate and shared policy. Certificate proxy is utilized to achieve single sign-on, authenticate and authority in wide-area environment. Furthermore, we depict the process flow of the access control in detail. The proposed model is implemented on XACML.NET package and applied in a web services based information system in NET Environment. At last, the performance of resource access control is analyzed and tested by VSTE-ST 2005. The results of practical application and experiment prove the feasibility and usability of the model.