Abstract
Since XML was presented as a standard data type on the web, many data have been made and transformed into the XML type, consequently generating a large amount of XML data. Therefore, the need for efficient management and security of large-capacity XML data is gradually becoming important. The existing access control has problems that DOM trees should be loaded on memory in the process of parsing all XML documents to generate DOM trees, that a large amount of memory is used to search for trees repetitively to set access authorization on all nodes of DOM trees, and that the system becomes inefficient due to complicated authorization assessment. In this paper, we suggest an access control policy model and tree labeling algorithm for secure XML documents. So it can reduce expenses of authorization assessment of the existing access control implemented in a complicated and repetitive way.
Chapter PDF
Similar content being viewed by others
Keywords
- Access Control
- Access Control Policy
- Access Control Model
- Uniform Resource Identifier
- Document Object Model
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
A. Gabillon and E. Bruno, “Regulating Access to XML Documents”, In Proc. IFIP WG11.3 Working Conference on Database Security, 2001
Document Object Model(DOM), Avaiable at http://www.w3.org/DOM/
E. Bertino, S. Castano. E. Ferrari, M. Mesiti, “Specifying and Enforcing Access Control Policies for XML Document Sources”, WWW Journal, Baltzer Science Publishers, Vol.3, N.3, 2000.
E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, “Securing XML documents,” in Proc. Of the 2000 International Conference on Extending Database Technology(EDBT2000), Konstanz, Germany, March 27–31, 2000
E. Damiani, S. Vimercati, S. Paraboschi, and P. Samarati, “Design and implementation of an access control processor for xml documents”. In proceedings of the 9th International WWW Conference, Amsterdam, May 2000.
IBM Tokyo Lab, “XML Access Control Language”, 2000, Http://www.tr.ibm.com/projects/xml/xacl/xaclpec.html
Michiharu Kudo. Satoshi Hada “XML Document Security based on Provisional Authorization” CSS 2000, Athens, Greece
OASIS-XACMLTC, “OASIS extensible Access Control Markup Language”, Working Draft 15, 12 July 2002, http://www.oasisopen.org/ommittess/xacml/repository/draft-xacml-schema-policy-15.doc
Sun’s XACML Implementation. http://sunxacml. soureefore.net/.
T. Bray et al. “Extensible Markup Language(XML) 1.0”. World Wide Web Consortium(W3C). http://www.w3c.org/TR/REC-xmKOctober 2000).
World Wide Web Consortium(W3C), “XML Path Language(XPath) Version 1.0”, http://www.w3.org/TR/PR-XPath 19991008, (October 1999).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 International Federation for Information Processing
About this paper
Cite this paper
Jo, SM., Yang, CM., Yoo, WH. (2005). XML Access Control for Security and Memory Management. In: Glitho, R., Karmouch, A., Pierre, S. (eds) Intelligence in Communication Systems. INTELLCOMM 2005. IFIP — The International Federation for Information Processing, vol 190. Springer, Boston, MA. https://doi.org/10.1007/0-387-32015-6_17
Download citation
DOI: https://doi.org/10.1007/0-387-32015-6_17
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-29121-5
Online ISBN: 978-0-387-32015-1
eBook Packages: Computer ScienceComputer Science (R0)