Observation-Based Fine Grained Access Control for XML Documents

Halder, Raju; Cortesi, Agostino

doi:10.1007/978-3-642-27245-5_32

Observation-Based Fine Grained Access Control for XML Documents

Raju Halder³ &
Agostino Cortesi³

Conference paper

620 Accesses

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 245))

Abstract

The eXtensible Markup Language (XML) is recognized as a simple and universal standard for storing and exchanging information on the web. The risk of unauthorized leakage of this information mandates the use of access control at various levels of granularity. In this paper, we extend to the context of XML documents the notion of Observation-based Fine Grained Access Control (OFGAC) which was originally designed for the relational databases. In this setting, data are made accessible at various levels of abstractions depending on their sensitivity level. Therefore, unauthorized users are not able to infer the exact content of an attribute or element containing partial sensitive information, while they are allowed to get a relaxed view of it, according to their access rights, represented by a specific property.

This is a preview of subscription content, log in via an institution.

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bertino, E., Ferrari, E.: Secure and selective dissemination of xml documents. ACM Trans. on Information and System Security 5(3), 290–331 (2002)
Article Google Scholar
Bertino, E., Jajodia, S., Samarati, P.: A flexible authorization mechanism for relational data management systems. ACM Trans. on Information Systems 17(2), 101–140 (1999)
Article Google Scholar
Bouganim, L., Ngoc, F.D., Pucheral, P.: Client-based access control management for xml documents. In: Proc. of the 13th Int. Conf. on Very Large Data Bases (VLDB 2004), pp. 84–95. VLDB Endowment, Toronto (2004)
Google Scholar
Cousot, P., Cousot, R.: Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: Conf. Record of the 6th Annual ACM POPL, pp. 238–252. ACM Press, Los Angeles (1977)
Google Scholar
Damiani, E., de Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Design and implementation of an access control processor for xml documents. Journal of Computer and Telecommunications Netowrking 33(1-6), 59–75 (2000)
Google Scholar
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: A fine-grained access control system for xml documents. ACM Trans. on Information and System Security 5(2), 169–202 (2002)
Article Google Scholar
Griffiths, P.P., Wade, B.W.: An authorization mechanism for a relational database system. ACM Trans. on Database Systems 1(3), 242–255 (1976)
Article Google Scholar
Halder, R., Cortesi, A.: Observation-based fine grained access control for relational databases. In: Proc. of the 5th Int. Conf. on Software and Data Technologies (ICSOFT 2010), pp. 254–265. INSTICC Press, Athens (2010)
Google Scholar
Jajodia, S., Samarati, P., Subrahmanian, V.S., Bertino, E.: A unified framework for enforcing multiple access control policies. SIGMOD Record 26(2), 474–485 (1997)
Article Google Scholar
Koromilas, L., Chinis, G., Fundulaki, I., Ioannidis, S.: Controlling Access to XML Documents Over XML Native and Relational Databases. In: Jonker, W., Petković, M. (eds.) SDM 2009. LNCS, vol. 5776, pp. 122–141. Springer, Heidelberg (2009)
Chapter Google Scholar
Lee, D., Lee, W.-C., Liu, P.: Supporting XML Security Models Using Relational Databases: A Vision. In: Bellahsène, Z., Chaudhri, A.B., Rahm, E., Rys, M., Unland, R. (eds.) XSym 2003. LNCS, vol. 2824, pp. 267–281. Springer, Heidelberg (2003)
Chapter Google Scholar
Luo, B., Lee, D., Lee, W.-C., Liu, P.: Qfilter: fine-grained run-time xml access control via nfa-based query rewriting. In: Proc. of the 13th ACM Int. Conf. on Information and Knowledge Management (CIKM 2004), pp. 543–552. ACM Press, Washington D.C (2004)
Google Scholar
Murata, M., Tozawa, A., Kudo, M., Hada, S.: Xml access control using static analysis. ACM Trans. on Information and System Security 9(3), 292–324 (2006)
Article Google Scholar
Tan, K.-L., Lee, M.-L., Wang, Y.: Access control of xml documents in relational database systems. In: Proc. of the Int. Conf. on Internet Computing (IC 2001), pp. 185–191. CSREA Press, Las Vegas (2001)
Google Scholar

Download references

Author information

Authors and Affiliations

DAIS, Università Ca’ Foscari Venezia, Italy
Raju Halder & Agostino Cortesi

Authors

Raju Halder
View author publications
You can also search for this author in PubMed Google Scholar
Agostino Cortesi
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Department of Computer Science and Engineering, University of Calcutta, 92 APC Road, 700009, Kolkata, India
Nabendu Chaki
Università Ca’ Foscari di Venezia, via Torino 155, 30172, Mestre, Italy
Agostino Cortesi

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Halder, R., Cortesi, A. (2011). Observation-Based Fine Grained Access Control for XML Documents. In: Chaki, N., Cortesi, A. (eds) Computer Information Systems – Analysis and Technologies. Communications in Computer and Information Science, vol 245. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27245-5_32

Download citation

DOI: https://doi.org/10.1007/978-3-642-27245-5_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27244-8
Online ISBN: 978-3-642-27245-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics