Author-X: A Java-Based System for XML Data Protection

نویسندگان

  • Elisa Bertino
  • M. Braun
  • Silvana Castano
  • Elena Ferrari
  • Marco Mesiti
چکیده

XML (eXtensible Markup Language) has recently emerged as the most relevant standardization eort in the area of markup languages, and it is increasingly used as the language for information exchange over Web. In this context, developing an access control mechanism in terms of XML is an important step for Web information security. In this paper, we present Author-X , a Java-based system for access control to XML documents. Author-X implements a discretionary access control model speciically tailored to the characteristics of XML documents. In particular, Author-X allows (i) a set-oriented and document-oriented protection, by supporting authorizations both at document t ype level and document l e v ell (ii) a diierentiated protection of document/document t ype contents by supporting multi-granularity protection objects and positive/negative authorizationss (iii) a controlled propagation of authorizations among protection objects, by enforcing multiple propagation options. The overall architecture of Author-X is described. Implementation issues and choices of Author-X are discussed, with respect to the XML authorization base and access control. A practical application of Author-X to the protection of a real XML source is provided.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Pii: S0169-023x(02)00127-1

EXtensible Markup Language (XML) security has become a relevant research topic due to the widespread use of XML as the language for information interchange and document definition over the Web. In this context, developing an access control mechanism in terms of XML is an important step for Web information security. In this paper, we present the protection and administration facilities of Author...

متن کامل

Securing XML Documents with Author-X

This Java-based access-control system supports secure XML document administration at varying levels of granularity. T he widespread adoption of XML for Web-based information exchange is laying a foundation for flexible granularity in information retrieval. XML can " tag " semantic elements, which can then be directly and independently retrieved through XML query languages. Further, XML can defi...

متن کامل

Automatic Generation of Java Code From Communicating X-machine specifications

The state transition diagrams of the queue and button X-machines The state transition diagram of the lift X-machine v Declaration All sentences or passages quoted in this dissertation from other people's work have been specifically acknowledged by clear cross-referencing to author, work and page(s). Any illustrations which are not the work of the author of this dissertation have been used with ...

متن کامل

Transforming XML Schemas into Java Swing GUIs

When designing an XML-based Web Content Management System (WCMS), one usually has to define and maintain two separate entities just for the editorial part: the database schemes (in the form of XML Schema instances) on the one hand and the graphical user interfaces (GUIs) for data maintenance on the other hand. In this paper we present a method for generating the GUIs automatically from the XML ...

متن کامل

Agents Based Visualization and Strategies

This paper describes a flexible visualization architecture based on software agents, which enables the abstraction and reuse of rendering strategies. Using a reification of the rendering environment, the system is able to add new rendering strategies (such as distributed rendering or progressive rendering) to an existing pipeline, without any modification of the other components (controls compo...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2000