Client-based access control management for XML document

Luc Bouganim 1, 2 François Dang Ngoc 1 Philippe Pucheral 1, 2
1 SMIS - Secured and Mobile Information Systems
PRISM - Parallélisme, Réseaux, Systèmes, Modélisation, UVSQ - Université de Versailles Saint-Quentin-en-Yvelines, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR8144
Abstract : The erosion of trust put in traditional database servers and in Database Service Providers, the growing interest for different forms of data dissemination and the concern for protecting children from suspicious Internet content are different factors that lead to move the access control from servers to clients. Several encryption schemes can be used to serve this purpose but all suffer from a static way of sharing data. With the emergence of hardware and software security elements on client devices, more dynamic client-based access control schemes can be devised. This paper proposes an efficient client-based evaluator of access control rules for regulating access to XML documents. This evaluator takes benefit from a dedicated index to quickly converge towards the authorized parts of a – potentially streaming – document. Additional security mecanisms guarantee that prohibited data can never be disclosed during the processing and that the input document is protected from any form of tampering. Experiments on synthetic and real datasets demonstrate the effectiveness of the approach.
Type de document :
Communication dans un congrès
30th International Conference on Very Large Data Bases ‪: VLDB 2004, 2004, Toronto, Canada. Morgan Kaufmann, pp.84-95, 2004
Liste complète des métadonnées

Littérature citée [16 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/inria-00340026
Contributeur : Elisabeth Baque <>
Soumis le : mercredi 19 novembre 2008 - 16:25:45
Dernière modification le : vendredi 25 mai 2018 - 12:02:04
Document(s) archivé(s) le : lundi 7 juin 2010 - 23:08:00

Fichier

VLDB04.pdf
Fichiers éditeurs autorisés sur une archive ouverte

Identifiants

  • HAL Id : inria-00340026, version 1

Collections

Citation

Luc Bouganim, François Dang Ngoc, Philippe Pucheral. Client-based access control management for XML document. 30th International Conference on Very Large Data Bases ‪: VLDB 2004, 2004, Toronto, Canada. Morgan Kaufmann, pp.84-95, 2004. 〈inria-00340026〉

Partager

Métriques

Consultations de la notice

161

Téléchargements de fichiers

128