A Formal Access Control Model for XML Databases
نویسنده
چکیده
In this paper, we first define a logical theory representing an XML database supporting XPath as query language and XUpdate as modification language. We then extend our theory with predicates allowing us to specify the security policy protecting the database. The security policy includes rules addressing the read and write privileges. We propose axioms to derive the database view each user is permitted to see. We also propose axioms to derive the new database content after an update.
منابع مشابه
A practical mandatory access control model for XML databases
A practical mandatory access control (MAC) model for XML databases is presented in this paper. The label type and label access policy can be defined according to the requirements of different applications. In order to preserve the integrity of data in XML databases, a constraint between a read-access rule and a write-access rule in label access policy is introduced. Rules for label assignment a...
متن کاملUsing Usage Control to Access XML Databases
XML documents usually contain private information that cannot be shared by every user communities. It is widely used in web environment. XML database is becoming increasingly important since it consists of XML documents. Several applications for supporting selective access to data are available over the web. Usage control has been considered as the next generation access control model with dist...
متن کاملA petri net based XML firewall security model for web services invocation
An XML firewall differs from a conventional firewall because its major task is to control access to web services rather than to filter untrusted addresses. An XML firewall can effectively protect web services from being attacked by inspecting a complete XML message including its head and data segments, and rejecting unauthorized web services invocation. In this paper, we propose a formal XML fi...
متن کاملSupporting XML Security Models Using Relational Databases: A Vision
As the secure distribution and sharing of information over the World Wide Web becomes increasingly important, the needs for flexible and efficient support of access control systems naturally arise. Since the eXtensible Markup Language (XML) is emerging as the format of the Internet era for storing and exchanging information, there have been, recently, many proposals to extend the XML model to i...
متن کاملPragmatic XML Access Control Using Off-the-Shelf RDBMS
As the XML model gets more popular, new needs arise to specify access control within XML model. To meet these needs, various XML access control models and enforcement methods have been proposed recently. However, by and large, these approaches either assume the support of security features from XML databases or use proprietary tools outside of databases. Since there are currently few commercial...
متن کامل