Skip to Main content Skip to Navigation
Reports

The case for Access Control on XML relationships

Béatrice Finance 1 Saïda Medjdoub 1 Philippe Pucheral 1
1 SMIS - Secured and Mobile Information Systems
PRISM - Parallélisme, Réseaux, Systèmes, Modélisation, UVSQ - Université de Versailles Saint-Quentin-en-Yvelines, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR8144
Abstract : With the emergence of XML as the de facto standard to exchange and disseminate information, the problem of regulating access to XML documents has attracted a considerable attention in recent years. Existing models attach authorizations to nodes of an XML document but disregard relationships between them. However, ancestor and sibling relationships may reveal information as sensitive as the one carried out by the nodes themselves (e.g., classifications, correlations). This paper advocates the integration of relationships as first class citizen in the access control models for XML and makes the following contributions. First, it characterizes three essential classes of relationship authorizations and identifies the mechanisms required to translate them accurately in an authorized view of a source document. Second, it introduces a rule-based formulation for expressing these classes of relationship authorizations and defines an associated conflict resolution strategy. Third, it proposes tractable algorithms to support relationship authorizations. Rather than being yet-another XML access control model, the proposed approach allows a seamless integration of relationship authorizations in existing XML access control model.
Document type :
Reports
Complete list of metadata

Cited literature [24 references]  Display  Hide  Download

https://hal.inria.fr/inria-00070561
Contributor : Rapport de Recherche Inria <>
Submitted on : Friday, May 19, 2006 - 8:53:18 PM
Last modification on : Friday, January 10, 2020 - 3:42:17 PM
Long-term archiving on: : Sunday, April 4, 2010 - 9:28:12 PM

Identifiers

  • HAL Id : inria-00070561, version 1

Collections

Citation

Béatrice Finance, Saïda Medjdoub, Philippe Pucheral. The case for Access Control on XML relationships. [Research Report] RR-5446, INRIA. 2005, pp.23. ⟨inria-00070561⟩

Share

Metrics

Record views

258

Files downloads

327