An Extended Mandatory Access Control Model for XML

Zhang, Dong-Zhan; Xue, Yong-Sheng

doi:10.1007/11596370_37

Dong-Zhan Zhang¹⁹ &
Yong-Sheng Xue¹⁹

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 3818))

Included in the following conference series:

Annual Asian Computing Science Conference

446 Accesses

Abstract

More and more information is distributed in XML format. Information stored in XML documents should be protected by access control policy. An extended MAC model for XML is presented. The subject and object are discussed at first. The labeled XML document model, which includes three rules and one algorithm, is presented allowing for definition and enforcement of access restrictions directly on the structure and content of XML documents. The extended MAC model for XML documents is described in detail by discussing four operations on XML documents. The architecture and some mechanisms used to implement the model are discussed at last.

Supported by the National Natural Science Foundation of China under Grant No.50474033.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Bertino, E., Castano, S., Ferrari, E.: On Specifying Security Policies for Web Documents with an XML-based Language. In: Proceedings of Sixth ACM Symposium on Access Control Models and Technologies (2001)
Google Scholar
Damiani, E., di Vimercati, S.D.C., Paraboschi, S., Samarati, P.: A Fine Grained Access Control System for XML Documents. ACM Transactions on Information and System Security 5(2) (May 2002)
Google Scholar
Why XML Schema beats DTDs hands-down for data (2005), http://www.106.ibm.com /developerworks /xml/library/x-sbsch.html
Hada, S., Kudo, M.: XML Access Control Language:Provisional Authorization for XML Documents. Tokyo Research Laboratory, IBM Research, April 17 (2002)
Google Scholar
Vuong, N.N., Smith, G.S., Deng, Y.: Managing Security Policies in a Distributed Environment Using eXtensible Markup Language (XML). In: Symposium on Applied Computing (March 2001)
Google Scholar
XACML 2.0 specification (2005), http://docs.oasis-open.org/xacml/2.0/XACML-2.0-OS-ALL.zip
Li, L., He, Y.-Z., Feng, D.-G.: A Fine-Grained Mandatory Access Control Model for XML Documents. Journal of Software 15(10), 1528–1537 (2004)
MATH Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computer Science, Xiamen University, Xiamen, 361005
Dong-Zhan Zhang & Yong-Sheng Xue

Authors

Dong-Zhan Zhang
View author publications
You can also search for this author in PubMed Google Scholar
Yong-Sheng Xue
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

INRIA-LIAMA Institute of Automation, Beijing, China
Stéphane Grumbach
Computer Science and Engineering Department, San Diego, University of California, 92093-0404, La Jolla, CA, USA
Liying Sui
UC San Diego, USA
Victor Vianu

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Zhang, DZ., Xue, YS. (2005). An Extended Mandatory Access Control Model for XML. In: Grumbach, S., Sui, L., Vianu, V. (eds) Advances in Computer Science – ASIAN 2005. Data Management on the Web. ASIAN 2005. Lecture Notes in Computer Science, vol 3818. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596370_37

Download citation

DOI: https://doi.org/10.1007/11596370_37
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30767-9
Online ISBN: 978-3-540-32249-8
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics