Securing XML documents with Author-X

Bertino, Elisa; Castano, Silvana; Ferrari, Elena

doi:10.1109/4236.935172

Cited by 180 publications

(116 citation statements)

References 7 publications

(3 reference statements)

Supporting

Mentioning

113

Contrasting

Unclassified

Order By: Relevance

“…Moreover, once data is copied, it is at the user's discretion. The work closest to ours is in XML access control, which is an active research area concerned with controlling access to constituent parts of XML documents (e.g., [7,15,19,2,1,10,9]). We shall first discuss the primary characteristics of this work, and then examine several prominent proposals.…”

Section: Related Workmentioning

confidence: 99%

“…Bertino et al [2,1] have proposed an approach to XML access control consisting of two parts: an access-control system Author-χ, and a credentials and policy language χ-Sec. Their proposal goes beyond XML access control in that they actually consider semi-structured data encoded in XML documents.…”

Section: Related Workmentioning

confidence: 99%

“…2 The precondition is that the path given is valid. The number of children is determined by taking the last element of the rightmost child's path.…”

Section: Document Content Modelmentioning

confidence: 99%

See 2 more Smart Citations

Controlling Access to Documents: A Formal Access Control Model

Sevinç

Basin

Olderog

2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Controlling Access to Documents: A Formal Access Control Model

Sevinç

Basin

Olderog

2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

“…The considered input documents are XML documents, the de-facto standard for data exchange. Authorization models proposed for regulating access to XML documents use XPath expressions to delineate the scope of each access control rule [BCF01,GaB01,DDP02]. Having this context in mind, the problem addressed in this paper can be stated as follows.…”

Section: Introductionmentioning

confidence: 99%

“…The data are kept encrypted at the server and a client is granted access to subparts of them according to the decryption keys in its possession. Sophisticated variations of this basic model have been designed in different context, such as DSP [HIL02], database server security [HeW01], nonprofit and for-profit publishing [MiS03,BCF01,Med] and multilevel databases [AkT82,BZN01,RRN02]. These models differ in several ways: data access model (pulled vs. pushed), access right model (DAC, RBAC, MAC), encryption scheme, key delivery mechanism and granularity of sharing.…”

Section: Introductionmentioning

confidence: 99%

Client-Based Access Control Management for XML documents

Bouganim

Ngoc

Pelletier

2004

Proceedings 2004 VLDB Conference

View full text Add to dashboard Cite

The erosion of trust put in traditional database servers and in Database Service Providers, the growing interest for different forms of data dissemination and the concern for protecting children from suspicious Internet content are different factors that lead to move the access control from servers to clients. Several encryption schemes can be used to serve this purpose but all suffer from a static way of sharing data. With the emergence of hardware and software security elements on client devices, more dynamic client-based access control schemes can be devised. This paper proposes an efficient client-based evaluator of access control rules for regulating access to XML documents. This evaluator takes benefit from a dedicated index to quickly converge towards the authorized parts of apotentially streaming -document. Additional security mecanisms guarantee that prohibited data can never be disclosed during the processing and that the input document is protected from any form of tampering. Experiments on synthetic and real datasets demonstrate the effectiveness of the approach.

show abstract

From XML to RDF: Syntax, Semantics, Security, and Integrity (Invited Paper)

Farkas

Gowadia

Jain

et al.

Security Management, Integrity, and Internal Control in Information Systems

View full text Add to dashboard Cite

In this paper we evaluate security methods for extensible Markup Language (XML) and the Resource Description Framework (RDF). We argue that existing models are insufficient to provide high assurance security for future Web-based applications. We begin with a brief overview of XML access control models, where the protection objects are identified by the XML syntax. However, these approaches are limited to handle updates and structural modifications of the XML documents. We argue that XML security methods must be based on the intended meaning of XML and the semantics of the application using XML. We identify two promising research directions to extend the XML model with semantics. The first approach incorporates traditional database concepts, like key and integrity constraints, in the XML model. The second approach aims to associate XML documents with metadata supporting Web-based applications. We propose the development of security models based on these semantics-oriented approaches to achieve high assurance. Further, we investigate the security needs of Web metadata, like RDF, RDFS, and OWL. In particular, we study the security risks of unwanted inferences and data aggregation, supported by these languages.

show abstract

Securing XML documents with Author-X

Abstract: This Java-based access-control system supports secure XML document administration at varying levels of granularity.

Cited by 180 publications

References 7 publications

Controlling Access to Documents: A Formal Access Control Model

Controlling Access to Documents: A Formal Access Control Model

Client-Based Access Control Management for XML documents

From XML to RDF: Syntax, Semantics, Security, and Integrity (Invited Paper)

Contact Info

Product

Resources

About