ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A fine-grained access control system for XML documents
Full text PdfPdf (331 KB)
Source ACM Transactions on Information and System Security (TISSEC) archive
Volume 5 ,  Issue 2  (May 2002) table of contents
Pages: 169 - 202  
Year of Publication: 2002
ISSN:1094-9224
Authors
Ernesto Damiani  Università di Milano, Crema (CR), Italy
Sabrina De Capitani di Vimercati  Università di Brescia, Brescia, Italy
Stefano Paraboschi  Politecnico di Milano, Milano, Italy
Pierangela Samarati  Università di Milano, Crema (CR), Italy
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 29,   Downloads (12 Months): 252,   Citation Count: 72
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/505586.505590
What is a DOI?

ABSTRACT

Web-based applications greatly increase information availability and ease of access, which is optimal for public information. The distribution and sharing of information via the Web that must be accessed in a selective way, such as electronic commerce transactions, require the definition and enforcement of security controls, ensuring that information will be accessible only to authorized entities. Different approaches have been proposed that address the problem of protecting information in a Web system. However, these approaches typically operate at the file-system level, independently of the data that have to be protected from unauthorized accesses. Part of this problem is due to the limitations of HTML, historically used to design Web documents. The extensible markup language (XML), a markup language promoted by the World Wide Web Consortium (W3C), is de facto the standard language for the exchange of information on the Internet and represents an important opportunity to provide fine-grained access control. We present an access control model to protect information distributed on the Web that, by exploiting XML's own capabilities, allows the definition and enforcement of access restrictions directly on the structure and content of the documents. We present a language for the specification of access restrictions, which uses standard notations and concepts, together with a description of a system architecture for access control enforcement based on existing technology. The result is a flexible and powerful security system offering a simple integration with current solutions.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Serge Abiteboul , Bernd Amann , Sophie Cluet , Adi Eyal , Laurent Mignet , Tova Milo, Active Views for Electronic Commerce, Proceedings of the 25th International Conference on Very Large Data Bases, p.138-149, September 07-10, 1999
 
2
Adler, S., Berglund, A., Caruso, J., Deach, S., Graham, T., Grosso, P., Gutentag, E., Milowski, A., Parnell, S., Richman, J., and Zilles, S. 2001. Extensible stylesheet language (XSL) version 1.0. World Wide Web Consortium (W3C). Available at http://www.w3.org/TR/xsl.
3
R. Agrawal , A. Borgida , H. V. Jagadish, Efficient management of transitive relationships in large data and knowledge bases, Proceedings of the 1989 ACM SIGMOD international conference on Management of data, p.253-262, June 1989, Portland, Oregon, United States
 
4
AlphaWorks. 2001. XML security suite. Available at http://www.alphaWorks.ibm.com/tech/xmlsecuritysuite.
 
5
Apache Software Foundation. 2000. Cocoon, a Java publishing framework. Available at http://xml.apache.org/cocoon.
 
6
Apache Software Foundation. 2001. Xalan-J version 2.2.d14. Available at http://xml.apache.org/xalan-j/.
 
7
Abraham Silberschatz , Henry F. Korth , S. Sudarshan , Allen B. Tucker, Database Systems Concepts, McGraw-Hill, Inc., New York, NY, 1997
 
8
Berners-Lee, T., Fielding, R., Irvine, U., and Masinter, L. 1998. Uniform resource identifiers (URI): Generic syntax. Available at http://www.isi.edu/in-notes/rfc2396.txt.
 
9
Elisa Bertino , Silvana Castano , Elena Ferrari, Securing XML Documents with Author-X, IEEE Internet Computing, v.5 n.3, p.21-31, May 2001  [doi>10.1109/4236.935172]
 
10
Elisa Bertino , Silvana Castano , Elena Ferrari , Marco Mesiti, Specifying and enforcing access control policies for XML document sources, World Wide Web, v.3 n.3, p.139-151, 2000  [doi>10.1023/A:1019289831564]
 
11
Biron, P. and Malhotra, A. 2001. XML schema part 2: Datatypes. World Wide Web Consortium (W3C). Available at http://www.w3.org/TR/xmlschema-2.
 
12
Bray, T., Hollander, D., and Layman, A. 1999. Namespaces in XML. World Wide Web Consortium (W3C). Available at http://www.w3.org/TR/REC-xml-names.
 
13
Bray, T., Paoli, J., Sperberg-McQueen, C., and Maler, E. 2000. Extensible markup language (XML) 1.0 (second edition). World Wide Web Consortium (W3C). Available at http://www.w3.org/TR/REC-xml.
 
14
Brickley, D. and Guha, R. 2000. Resource description framework (RDF) schema specification 1.0. World Wide Web Consortium (W3C). Available at http://www.w3.org/TR/rdf-schema.
 
15
Peter Buneman , Wenfei Fan , Scott Weinstein, Path constraints in semistructured databases, Journal of Computer and System Sciences, v.61 n.2, p.146-193, Oct. 2000  [doi>10.1006/jcss.2000.1710]
 
16
Frank Buschmann , Regine Meunier , Hans Rohnert , Peter Sommerlad , Michael Stal, Pattern-oriented software architecture: a system of patterns, John Wiley & Sons, Inc., New York, NY, 1996
 
17
CheckFree Corp. 2001. Open financial exchange specification 2.0.1. CheckFree Corp. Available at http://www.ofx.net/.
 
18
Content Guard. 2001. eXtensible rights markup language (XrML) 2.0. ContentGuard. Available at http://www.xrml.org/.
 
19
Ernesto Damiani , Sabrina de Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati, Design and implementation of an access control processor for XML documents, Computer Networks: The International Journal of Computer and Telecommunications Networking, v.33 n.1-6, p.59-75, June 2000
 
20
Ernesto Damiani , Sabrina De Capitani di Vimercati , Stefano Paraboschi , Pierangela Samarati, Securing XML Documents, Proceedings of the 7th International Conference on Extending Database Technology: Advances in Database Technology, p.121-135, March 27-31, 2000
 
21
DeRose, S., Maler, E., and Orchard, D. 2001. XML linking language (XLink) version 1.0. World Wide Web Consortium (W3C). Available at http://www.w3.org/TR/xlink.
 
22
Deutsch, A. and Tannen, V. 2001. Containment and integrity constraints for xpath. In Proceedings of the Eighth International Workshop on Knowledge Representation Meets Databases (Rome, Sept.).
23
P. Devanbu , M. Gertz , A. Kwong , C. Martel , G. Nuckolls , S. G. Stubblebine, Flexible authentication of XML documents, Proceedings of the 8th ACM conference on Computer and Communications Security, November 05-08, 2001, Philadelphia, PA, USA  [doi>10.1145/501983.502003]
 
24
Eastlake, D., Reagle, J., and Solo, D. 2001. XML-signature syntax and processing. Available at ftp://ftp.rfc-editor.org/in-notes/rfc3075.txt.
 
25
Ellerman, C. 1997. Channel definition format (CDF). Available at http://www.w3.org/TR/NOTE-CDFsubmit.html.
 
26
E. B. Fernandez , E. Gudes , H. Song, A Model for Evaluation and Administration of Security in Object-Oriented Databases, IEEE Transactions on Knowledge and Data Engineering, v.6 n.2, p.275-292, April 1994  [doi>10.1109/69.277771]
 
27
Alban Gabillon , Emmanuel Bruno, Regulating access to XML documents, Proceedings of the fifteenth annual working conference on Database and application security, p.299-314, July 15-18, 2001, Niagara, Ontario, Canada
 
28
Goldman, R., McHugh, J., and Widom, J. 1999. From semistructured data to XML: Migrating the lore data model and query language. In Proceedings of the Second International Workshop on the Web and Databases (WebDB '99) (Philadelphia, June).
29
Sushil Jajodia , Pierangela Samarati , Maria Luisa Sapino , V. S. Subrahmanian, Flexible support for multiple access control policies, ACM Transactions on Database Systems (TODS), v.26 n.2, p.214-260, June 2001  [doi>10.1145/383891.383894]
 
30
Dirk Jonscher , Jonathan D. Moffett , Klaus R. Dittrich, Complex Subjects, or: The Striving for Complexity is Ruling our World, Proceedings of the IFIP WG11.3 Working Conference on Database Security VII, p.19-37, September 12-15, 1993
 
31
Kudoh, M., Hirayama, Y., Hada, S., and Vollschwitz, A. 2000. Access control specification based on policy evaluation and enforcement model and specification language. In Symposium on Cryptograpy and Information Security, SCIS'2000.
 
32
R. Greg Lavender , Douglas C. Schmidt, Active object: an object behavioral pattern for concurrent programming, Pattern languages of program design 2, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1996
 
33
Douglas Lea , Doug Lea, Concurrent Programming in Java: Design Principles and Patterns, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1996
 
34
Hartmut Liefke , Susan B. Davidson, View Maintenance for Hierarchical Semistructured Data, Proceedings of the Second International Conference on Data Warehousing and Knowledge Discovery, p.114-125, September 04-06, 2000
 
35
Lunt, T. 1989. Access control policies for database systems. In Database Security, II: Status and Prospects, C. Landwehr, Ed., North-Holland, Amsterdam, 41--52.
 
36
Alberto O. Mendelzon , Peter T. Wood, Finding Regular Simple Paths in Graph Databases, SIAM Journal on Computing, v.24 n.6, p.1235-1258, Dec. 1995  [doi>10.1137/S009753979122370X]
 
37
Thomas J. Mowbray , Raphael C. Malveau, CORBA design patterns, John Wiley & Sons, Inc., New York, NY, 1997
 
38
Oracle Corp. 2000. Oracle and XML. Available at http://www.oracle.com/xml.
39
Joon S. Park , Ravi Sandhu , Gail-Joon Ahn, Role-based access control on the web, ACM Transactions on Information and System Security (TISSEC), v.4 n.1, p.37-71, Feb. 2001  [doi>10.1145/383775.383777]
40
Fausto Rabitti , Elisa Bertino , Won Kim , Darrell Woelk, A model of authorization for next-generation database systems, ACM Transactions on Database Systems (TODS), v.16 n.1, p.88-131, March 1991  [doi>10.1145/103140.103144]
 
41
Olivier Raynaud , Eric Thierry, A Quasi Optimal Bit-Vector Encoding of Tree Hierarchies. Application to Efficient Type Inclusion Tests, Proceedings of the 15th European Conference on Object-Oriented Programming, p.165-180, June 18-22, 2001
42
Joseph Reagle , Lorrie Faith Cranor, The platform for privacy preferences, Communications of the ACM, v.42 n.2, p.48-55, Feb. 1999  [doi>10.1145/293411.293455]
 
43
Rescher, N. 1969. Many Valued Logics. Mc Graw-Hill, New York.
 
44
Rescorla, E. and Schiffman, A. 1999. The secure hypertext transfer protocol. Available at http://www.ietf.org/rfc/rfc2660.txt.
 
45
Pierangela Samarati , Sabrina De Capitani di Vimercati, Access Control: Policies, Models, and Mechanisms, Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures, p.137-196, September 01, 2000
 
46
Pierangela Samarati , Elisa Bertino , Sushil Jajodia, An Authorization Model for a Distributed Hypertext System, IEEE Transactions on Knowledge and Data Engineering, v.8 n.4, p.555-562, August 1996  [doi>10.1109/69.536249]
 
47
Sandhu, R. and Samarati, P. 1997. Authentication, access control and intrusion detection. In CRC Handbook of Computer Science and Engineering, A. Tucker, Ed., CRC Press, Boca Raton, Fla., 1929--1948.
 
48
Sun Microsystems. 1999a. Java server pages (JSP) specification, release 1.1. Available at http:// www.javasoft.com/.
 
49
Sun Microsystems. 1999b. Java servlet API specification, release 2.2. Available at http://www.java soft.com/.
 
50
Thompson, H., Beech, D., Maloney, M., and Mendelsohn, N. 2001. XML schema part 1: Structures. World Wide Web Consortium (W3C). Available at http://www.w3.org/TR/xmlschema-1.
 
51
van Hoff, A., Partovi, H., and Thai, T. 1997. The open software description format (OSD). Available at http://www.w3.org/TR/NOTE-OSD.html.
 
52
Woo, T. and Lam, S. 1993. Authorizations in distributed systems: A new approach. J. Comput. Sec. 2, 2,3 (Feb.), 107--136.
 
53
World Wide Web Consortium (W3C). 1998. Document object model (DOM) level 1 specification version 1.0. World Wide Web Consortium (W3C). Available at http://www.w3.org/TR/REC-DOM-Level-1.
 
54
World Wide Web Consortium (W3C). 2001. XML path language (XPath) 2.0. World Wide Web Consortium (W3C). Available at http://www.w3.org/TR/xpath20.

CITED BY  72
Wenfei Fan , Chee-Yong Chan , Minos Garofalakis, Secure XML querying with security views, Proceedings of the 2004 ACM SIGMOD international conference on Management of data, June 13-18, 2004, Paris, France
Javier López , Antonio Maña , Juan J. Ortega , José M. Troya , Mariemma I. Yagüe, Integrating PMI services in CORBA applications, Computer Standards & Interfaces, v.25 n.4, p.391-409, August 2003
Ernesto Damiani , Sabrina De Capitani di Vimercati , Pierangela Samarati, Towards securing XML Web services, Proceedings of the 2002 ACM workshop on XML security, November 22-22, 2002, Fairfax, VA
Mingfei Jiang , Ada Wai-Chee Fu, Integration and Efficient Lookup of Compressed XML Accessibility Maps, IEEE Transactions on Knowledge and Data Engineering, v.17 n.7, p.939-953, July 2005
Béatrice Finance , Saïda Medjdoub , Philippe Pucheral, The case for access control on XML relationships, Proceedings of the 14th ACM international conference on Information and knowledge management, October 31-November 05, 2005, Bremen, Germany
Abhilash Gummadi , Jong P. Yoon , Biren Shah , Vijay Raghavan, A bitmap-based access control for restricted views of XML documents, Proceedings of the 2003 ACM workshop on XML security, October 31-31, 2003, Fairfax, Virginia
K. Komathy , V. Ramachandran , P. Vivekanandan, Security for XML messaging services: a component-based approach, Journal of Network and Computer Applications, v.26 n.2, p.197-211, April 2003
Eric Jui-Lin Lu , Rai-Fu Chen, Design and implementation of a fine-grained menu control processor for web-based information systems, Future Generation Computer Systems, v.19 n.7, p.1105-1119, October 2003
Saket Kaushik , Duminda Wijesekera , Paul Ammann, Policy-based dissemination of partial web-ontologies, Proceedings of the 2005 workshop on Secure web services, November 11-11, 2005, Fairfax, VA, USA
Sylvia Osborn , Bhavani Thuraisingham , Pierangela Samarati, Panel on XML and security, Proceedings of the fifteenth annual working conference on Database and application security, p.317-323, July 15-18, 2001, Niagara, Ontario, Canada
Jingzhu Wang , Sylvia L. Osborn, A role-based approach to access control for XML databases, Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA
Jehan Wickramasuriya , Mahesh Datt , Sharad Mehrotra , Nalini Venkatasubramanian, Privacy protecting data collection in media spaces, Proceedings of the 12th annual ACM international conference on Multimedia, October 10-16, 2004, New York, NY, USA
Marco Cremonini , Sabrina De Capitani di Vimercati , Ernesto Damiani , Pierangela Samarati, An XML-based approach to combine firewalls and web services security specifications, Proceedings of the 2003 ACM workshop on XML security, October 31-31, 2003, Fairfax, Virginia
Marina Bykova , Mikhail Atallah, Succinct specifications of portable document access policies, Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA
Hristo Koshutanski , Fabio Massacci, An access control framework for business processes for web services, Proceedings of the 2003 ACM workshop on XML security, October 31-31, 2003, Fairfax, Virginia
Siddhartha K. Goel , Chris Clifton , Arnon Rosenthal, Derived access control specification for XML, Proceedings of the 2003 ACM workshop on XML security, October 31-31, 2003, Fairfax, Virginia
Gleb Naumovich , Paolina Centonze, Static analysis of role-based access control in J2EE applications, ACM SIGSOFT Software Engineering Notes, v.29 n.5, September 2004
Bo Luo , Dongwon Lee , Wang-Chien Lee , Peng Liu, QFilter: fine-grained run-time XML access control via NFA-based query rewriting, Proceedings of the thirteenth ACM international conference on Information and knowledge management, November 08-13, 2004, Washington, D.C., USA
Li Qin , Vijayalakshmi Atluri, Concept-level access control for the Semantic Web, Proceedings of the 2003 ACM workshop on XML security, October 31-31, 2003, Fairfax, Virginia
Shihyu Chou , Eric Jui-Lin Lu , Yi-Hui Chen, X-RDR: a role-based delegation processor for web-based information systems, ACM SIGOPS Operating Systems Review, v.39 n.1, p.4-21, January 2005
Irini Fundulaki , Maarten Marx, Specifying access control policies for XML documents with XPath, Proceedings of the ninth ACM symposium on Access control models and technologies, June 02-04, 2004, Yorktown Heights, New York, USA
Li Yang , Raimund K. Ege , Huiqun Yu, Mediation security specification and enforcement for heterogeneous databases, Proceedings of the 2005 ACM symposium on Applied computing, March 13-17, 2005, Santa Fe, New Mexico
Rafae Bhatti , Elisa Bertino , Arif Ghafoor , James B. D. Joshi, XML-Based Specification for Web Services Document Security, Computer, v.37 n.4, p.41-49, April 2004
Rafae Bhatti , Elisa Bertino , Arif Ghafoor, A Trust-Based Context-Aware Access Control Model for Web-Services, Distributed and Parallel Databases, v.18 n.1, p.83-105, July 2005
Mizuho Iwaihara , Somchai Chatvichienchai , Chutiporn Anutariya , Vilas Wuwongse, Relevancy based access control of versioned XML documents, Proceedings of the tenth ACM symposium on Access control models and technologies, June 01-03, 2005, Stockholm, Sweden
Andreas Matheus, Declaration and enforcement of fine-grained access restrictions for a service-based geospatial data infrastructure, Proceedings of the tenth ACM symposium on Access control models and technologies, June 01-03, 2005, Stockholm, Sweden
Marina Blanton , Mikhail J. Atallah, Provable bounds for portable and flexible privacy-preserving access, Proceedings of the tenth ACM symposium on Access control models and technologies, June 01-03, 2005, Stockholm, Sweden
Gabriel Kuper , Fabio Massacci , Nataliya Rassadko, Generalized XML security views, Proceedings of the tenth ACM symposium on Access control models and technologies, June 01-03, 2005, Stockholm, Sweden
Martín Abadi , Bogdan Warinschi, Security analysis of cryptographically controlled access to XML documents, Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, June 13-15, 2005, Baltimore, Maryland
Luc Bouganim , Cosmin Cremarenco , François Dang Ngoc , Nicolas Dieu , Philippe Pucheral, Safe data sharing and data dissemination on smart devices, Proceedings of the 2005 ACM SIGMOD international conference on Management of data, June 14-16, 2005, Baltimore, Maryland
Naren Kodali , Csilla Farkas , Duminda Wijesekera, Creating non-decomposable stream bundles in multimedia web services using uSMIL, Proceedings of the 2004 workshop on Secure web service, p.67-76, October 29-29, 2004, Fairfax, Virginia
Naizhen Qi , Michiharu Kudo , Jussi Myllymaki , Hamid Pirahesh, A function-based access control model for XML databases, Proceedings of the 14th ACM international conference on Information and knowledge management, October 31-November 05, 2005, Bremen, Germany
Hao Jin , Curtis Dyreson, Sanitizing using metadata in MetaXQuery, Proceedings of the 2005 ACM symposium on Applied computing, March 13-17, 2005, Santa Fe, New Mexico
Jason Crampton, Applying hierarchical and role-based access control to XML documents, Proceedings of the 2004 workshop on Secure web service, p.37-46, October 29-29, 2004, Fairfax, Virginia
Alban Gabillon, An authorization model for XML databases, Proceedings of the 2004 workshop on Secure web service, p.16-28, October 29-29, 2004, Fairfax, Virginia
Carlos Gutiérrez , Eduardo Fernández-Medina , Mario Piattini, Web services enterprise security architecture: a case study, Proceedings of the 2005 workshop on Secure web services, November 11-11, 2005, Fairfax, VA, USA
Maggie Duong , Yanchun Zhang, An integrated access control for securely querying and updating XML data, Proceedings of the nineteenth conference on Australasian database, December 03-04, 2007, Gold Coast, Australia
Fengjun Li , Bo Luo , Peng Liu , Dongwon Lee , Chao-Hsien Chu, Automaton segmentation: a new approach to preserve privacy in xml information brokering, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
Béchara Al Bouna , Richard Chbeir, Multimedia-based authorization and access control policy specification, Proceedings of the 3rd ACM workshop on Secure web services, November 03-03, 2006, Alexandria, Virginia, USA
Patrick Röder , Omid Tafreschi , Claudia Eckert, History-based access control for XML documents, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
Philippa Gardner , Sergio Maffeis, Modelling dynamic web data, Theoretical Computer Science, v.342 n.1, p.104-131, 6 September 2005
Amit Jain , Csilla Farkas, Secure resource description framework: an access control model, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
Paolina Centonze , Gleb Naumovich , Stephen J. Fink , Marco Pistoia, Role-Based access control consistency validation, Proceedings of the 2006 international symposium on Software testing and analysis, July 17-20, 2006, Portland, Maine, USA
Eduardo Fernández-Medina , Juan Trujillo , Rodolfo Villarroel , Mario Piattini, Access control and audit model for the multidimensional modeling of data warehouses, Decision Support Systems, v.42 n.3, p.1270-1289, December 2006
Huaxin Zhang , Ning Zhang , Kenneth Salem , Donghui Zhuo, Compact access control labeling for efficient secure XML query evaluation, Data & Knowledge Engineering, v.60 n.2, p.326-344, February, 2007
Bogdan Cautis, Distributed access control: a privacy-conscious approach, Proceedings of the 12th ACM symposium on Access control models and technologies, June 20-22, 2007, Sophia Antipolis, France
Mizuho Iwaihara , Ryotaro Hayashi , Somchai Chatvichienchai , Chutiporn Anutariya , Vilas Wuwongse, Relevancy-based access control and its evaluation on versioned XML documents, ACM Transactions on Information and System Security (TISSEC), v.10 n.1, p.3-es, February 2007
Luc Bouganim , François Dang Ngoc , Philippe Pucheral, Client-based access control management for XML documents, Proceedings of the Thirtieth international conference on Very large data bases, p.84-95, August 31-September 03, 2004, Toronto, Canada
Xiaochun Yang , Chen Li, Secure XML publishing without information leakage in the presence of data inference, Proceedings of the Thirtieth international conference on Very large data bases, p.96-107, August 31-September 03, 2004, Toronto, Canada
Gerome Miklau , Dan Suciu, Controlling access to published data using cryptography, Proceedings of the 29th international conference on Very large data bases, p.898-909, September 09-12, 2003, Berlin, Germany
Serge Abiteboul , Bogdan Alexe , Omar Benjelloun , Bogdan Cautis , Irini Fundulaki , Tova Milo , Arnaud Sahuguet, An electronic patient record "on steroids": distributed, peer-to-peer, secure and privacy-conscious, Proceedings of the Thirtieth international conference on Very large data bases, p.1273-1276, August 31-September 03, 2004, Toronto, Canada
Irini Fundulaki , Sebastian Maneth, Formalizing XML access control for update operations, Proceedings of the 12th ACM symposium on Access control models and technologies, June 20-22, 2007, Sophia Antipolis, France
Nabil Adam , Ahmet Kozanoglu , Aabhas Paliwal , Basit Shafiq, Secure Information Sharing in a Virtual Multi-Agency Team Environment, Electronic Notes in Theoretical Computer Science (ENTCS), 179, p.97-109, July, 2007
M. Pistoia , S. Chandra , S. J. Fink , E. Yahav, A survey of static analysis methods for identifying security vulnerabilities in software systems, IBM Systems Journal, v.46 n.2, p.265-288, April 2007
Marco Pistoia , Stephen J. Fink , Robert J. Flynn , Eran Yahav, When Role Models Have Flaws: Static Validation of Enterprise Security Policies, Proceedings of the 29th International Conference on Software Engineering, p.478-488, May 20-26, 2007
L. Seitz , E. Rissanen , T. Sandholm , B. S. Firozabadi , O. Mulmo, Policy Administration Control and Delegation Using XACML and Delegent, Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing, p.49-54, November 13-14, 2005
Luc Bouganim , Francois Dang Ngoc , Philippe Pucheral, Dynamic access-control policies on XML encrypted data, ACM Transactions on Information and System Security (TISSEC), v.10 n.4, p.1-37, January 2008
Jae-Gil Lee , Kyu-Young Whang , Wook-Shin Han , Il-Yeol Song, The dynamic predicate: integrating access control with query processing in XML databases, The VLDB Journal — The International Journal on Very Large Data Bases, v.16 n.3, p.371-387, July 2007
Marina Blanton , Mikhail Atallah, Succinct representation of flexible and privacy-preserving access rights, The VLDB Journal — The International Journal on Very Large Data Bases, v.15 n.4, p.334-354, November 2006
Jun Gao , Tengjiao Wang , Dongqing Yang, XFlat: Query-friendly encrypted XML view publishing, Information Sciences: an International Journal, v.178 n.3, p.774-787, February, 2008
Jong P. Yoon, Presto Authorization: A Bitmap Indexing Scheme for High-Speed Access Control to XML Documents, IEEE Transactions on Knowledge and Data Engineering, v.18 n.7, p.971-987, July 2006
Martín Abadi , Bogdan Warinschi, Security analysis of cryptographically controlled access to XML documents, Journal of the ACM (JACM), v.55 n.2, p.1-29, May 2008
Jianhua Feng , Na Ta , Guoliang Li , Yu Liu , Dapeng Lv, A framework of semantic cache for secure XML query answering: an interesting joint and novel perspective, Proceedings of the 2nd international conference on Scalable information systems, June 06-08, 2007, Suzhou, China
Loreto Bravo , James Cheney , Irini Fundulaki, ACCOn: checking consistency of XML write-access control policies, Proceedings of the 11th international conference on Extending database technology: Advances in database technology, March 25-29, 2008, Nantes, France
Hye-Kyeong Ko , Min-Jeong Kim , SangKeun Lee, On the efficiency of secure XML broadcasting, Information Sciences: an International Journal, v.177 n.24, p.5505-5521, December, 2007
Hong Zhu , Renchao Jin , Kevin Lü, A flexible mandatory access control policy for XML databases, Proceedings of the 2nd international conference on Scalable information systems, June 06-08, 2007, Suzhou, China
Mario Cannataro , Domenico Talia , Giuseppe Tradigo , Paolo Trunfio , Pierangelo Veltri, SIGMCC: A system for sharing meta patient records in a Peer-to-Peer environment, Future Generation Computer Systems, v.24 n.3, p.222-234, March, 2008
M. R. Sumalatha , V. Vaidehi , A. Kannan, Semantic query Cache using Dynamic Facts (SCDF): a novel approach to efficient information retrieval, International Journal of Metadata, Semantics and Ontologies, v.2 n.4, p.281-294, July 2007
Ernesto Damiani , Majirus Fansi , Alban Gabillon , Stefania Marrara, A general approach to securely querying XML, Computer Standards & Interfaces, v.30 n.6, p.379-389, August, 2008
Hong Zhu , Kevin Lü , Renchao Jin, A practical mandatory access control model for XML databases, Information Sciences: an International Journal, v.179 n.8, p.1116-1133, March, 2009
Dong-Xi Liu, CSchema: a downgrading policy language for XML access control, Journal of Computer Science and Technology, v.22 n.1, p.44-53, January 2007
Jian-Hua Feng , Guo-Liang Li , Na Ta, A semantic cache framework for secure XML queries, Journal of Computer Science and Technology, v.23 n.6, p.988-997, November 2008

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.0 General

Additional Classification:
  H. Information Systems
  H.2 DATABASE MANAGEMENT
      H.2.7 Database Administration
          Subjects: Security, integrity, and protection

  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)


General Terms:
Security


Keywords:
Access control, World Wide Web, XML documents, authorizations specification and enforcement

Collaborative Colleagues:
Ernesto Damiani: colleagues
Sabrina De Capitani di Vimercati: colleagues
Stefano Paraboschi: colleagues
Pierangela Samarati: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player