Abstract
In this paper, we present a history-based model which considers not only the content of an XML document to define access, but also how this content was created. The latter aspect is an important factor for access control. Within the proposed model, the creation of documents is stored in histories, which also contain the source and destination of copied document parts. This enables us to define access depending on the origin of document parts. Applying this model in an environment where multiple users can edit documents concurrently is a challenging task, since access decisions depend on other documents, which are possibly edited at the same time. For this purpose, we present a system architecture which supports an efficient workflow and reduces the overhead for determining access rights of documents depending on other documents.
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Röder, P., Tafreschi, O., Mellgren, F., Eckert, C. (2007). A System Architecture for History-Based Access Control for XML Documents. In: Qing, S., Imai, H., Wang, G. (eds) Information and Communications Security. ICICS 2007. Lecture Notes in Computer Science, vol 4861. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77048-0_28
DOI: https://doi.org/10.1007/978-3-540-77048-0_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77047-3
Online ISBN: 978-3-540-77048-0
eBook Packages: Computer Science, Computer Science (R0)