loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Tomasz Müldner 1 ; Jan Krzysztof Miziołek 2 and Gregory Leighton 3

Affiliations: 1 Jodrey School of Computer Science, Acadia University, Canada ; 2 IBI AL, University of Warsaw, Poland ; 3 University of Calgary, Canada

ISBN: 978-989-8111-36-4

Keyword(s): Access control, XML, parameterized roles.

Related Ontology Subjects/Areas/Topics: Data and Application Security and Privacy ; Database Security ; Information and Systems Security

Abstract: We consider the setting of secure publishing of XML documents, in which read-only access control policies (ACPs) over static XML datasets are enforced using cryptographic keys. The role-based access control (RBAC) model provides a flexible method for specifying such policies. Extending the RBAC model to include role parameterization addresses the problem of role proliferation which can occur in large scale systems. In this paper, we describe the complete design of a parameterized RBAC (PRBAC) model for XML documents. We also describe algorithms for generating the minimum number of keys required to enforce an arbitrary PRBAC policy; for distributing to each user only keys needed for decrypting accessible nodes; and for applying the minimal number of encryption operations to an XML document required to satisfy the protection requirements of the policy. The time complexity of our approach is linear w.r.t. document size and the number of roles.

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 35.171.45.91

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Müldner T.; Krzysztof Miziołek J.; Leighton G. and (2008). SUCCINCT ACCESS CONTROL POLICIES FOR PUBLISHED XML DATASETS.In Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 4: ICEIS, ISBN 978-989-8111-36-4, pages 380-385. DOI: 10.5220/0001726103800385

@conference{iceis08,
author={Tomasz Müldner and Jan {Krzysztof Miziołek} and Gregory Leighton},
title={SUCCINCT ACCESS CONTROL POLICIES FOR PUBLISHED XML DATASETS},
booktitle={Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 4: ICEIS,},
year={2008},
pages={380-385},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001726103800385},
isbn={978-989-8111-36-4},
}

TY - CONF

JO - Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 4: ICEIS,
TI - SUCCINCT ACCESS CONTROL POLICIES FOR PUBLISHED XML DATASETS
SN - 978-989-8111-36-4
AU - Müldner, T.
AU - Krzysztof Miziołek, J.
AU - Leighton, G.
PY - 2008
SP - 380
EP - 385
DO - 10.5220/0001726103800385

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.