HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation

The case for Access Control on XML relationships

Béatrice Finance 1 Saïda Medjdoub 1 Philippe Pucheral 1
1 SMIS - Secured and Mobile Information Systems
PRISM - Parallélisme, Réseaux, Systèmes, Modélisation, UVSQ - Université de Versailles Saint-Quentin-en-Yvelines, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR8144
Abstract : With the emergence of XML as the de facto standard to exchange and disseminate information, the problem of regulating access to XML documents has attracted a considerable attention in recent years. Existing models attach authorizations to nodes of an XML document but disregard relationships between them. However, ancestor and sibling relationships may reveal information as sensitive as the one carried out by the nodes themselves (e.g., classifications, correlations). This paper advocates the integration of relationships as first class citizen in the access control models for XML and makes the following contributions. First, it characterizes three essential classes of relationship authorizations and identifies the mechanisms required to translate them accurately in an authorized view of a source document. Second, it introduces a rule-based formulation for expressing these classes of relationship authorizations and defines an associated conflict resolution strategy. Third, it proposes tractable algorithms to support relationship authorizations. Rather than being yet-another XML access control model, the proposed approach allows a seamless integration of relationship authorizations in existing XML access control model.
Document type :
Complete list of metadata

Cited literature [24 references]  Display  Hide  Download

Contributor : Rapport de Recherche Inria Connect in order to contact the contributor
Submitted on : Friday, May 19, 2006 - 8:53:18 PM
Last modification on : Wednesday, April 6, 2022 - 3:48:16 PM
Long-term archiving on: : Sunday, April 4, 2010 - 9:28:12 PM


  • HAL Id : inria-00070561, version 1



Béatrice Finance, Saïda Medjdoub, Philippe Pucheral. The case for Access Control on XML relationships. [Research Report] RR-5446, INRIA. 2005, pp.23. ⟨inria-00070561⟩



Record views


Files downloads