XML access control: mapping XACML policies to relational database tables
نویسندگان
چکیده
Although eXtensible Access Control Markup Language (XACML) is recognized as a precise and a complete policy description language, the structure of the current XACML policy is complex. Hence, users need to understand XACML well and write down the securing policy all by hand, which make it difficult to master and use. On the other hand, RDBMS is easy and simple to use by all users and allows hiding the difficulties of XACML by storing XACML policies and rules in relational tables. Hence, it will be easy for users to use and understand the XACML policies and rules. In this paper, we propose a new mapping technique to map XACML policies and rules into relational rules and store them in tables to ease the access control of the XML documents. The implementation of the proposed technique demonstrates a significant access decision time.
منابع مشابه
Controlling Access to XML Documents over XML Native and Relational Databases
In this paper we investigate the feasibility and efficiency of mapping XML data and access control policies onto relational and native XML databases for storage and querying. We developed a re-annotation algorithm that computes the XPath query which designates the XML nodes to be re-annotated when an update operation occurs. The algorithm uses XPath static analysis and our experimental results ...
متن کاملOffline Expansion of XACML Policies
In the last few years XML-based access control languages like XACML have been increasingly used for specifying complex policies regulating access to network resources. Today, growing interest in Semantic-Web style metadata for describing resources and users is stimulating research on how to express access control policies based on advanced descriptions rather than on single attributes. In this ...
متن کاملAutomated Reasoning about XACML 3.0 Delegation Using Answer Set Programming
XACML is an XML-based declarative access control language standardized by OASIS. Its latest version 3.0 has several new features including the concept of delegation for decentralized administration of access control. Though it is important to avoid unintended consequences of ill-designed policies, delegation makes formal analysis of XACML policies highly complicated. In this paper, we present a...
متن کاملEnhancing Database Access Control with XACML Policy
XACML is apparently the most convenient way to express attribute-based access control policies. Though XACML has been used in several access control areas, processing XACML policies for attribute-based database access control still has not been studied in depth. In this work we compile XACML policies, and utilize the underlying database access mechanisms such as ACLs to protect sensitive data. ...
متن کاملXML-Based Access Control Languages
One of the most challenging problems in managing large, distributed, and heterogeneous networked systems is specifying and enforcing security policies regulating interactions between parties and access to services and resources. Recent proposals for specifying and exchanging access control policies adopt XML-based languages. XML appears in fact a natural choice as the basis for the common secur...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Int. Arab J. Inf. Technol.
دوره 11 شماره
صفحات -
تاریخ انتشار 2014