Browse > Article

Access Control of XML Documents using Predictable Flags  

Son, Tae-Yong (Dept. of IT Engineering, Catholic University of Daegu)
Lee, Jong-Hak (Dept. of IT Engineering, Catholic University of Daegu)
Publication Information
Journal of Information Technology and Architecture / v.11, no.3, 2014 , pp. 321-332 More about this Journal
Abstract
In this paper we propose a new notion of predictable flags type of authorization for controlling access to XML documents. By using predictable flags, we are able to efficiently detect conflicts between existing authorizations and new authorizations to be added. XML documents have an element-composition hierarchical structure in that a higher level element consists of multiple lower level sub-elements. Many XML documents systems have used the notion of implicit authorization that grants authorizations to an element and the all descendants to avoid the overhead caused by explicitly storing all authorization for each element. When we grant an authorization on an element in the XML documents, the implicit authorization method is inefficient in determining the conflicts since it needs to examine all authorizations on the descendants of that element. In contrast, our mechanism using predictable flags has the advantage of detecting the conflicts immediately at the element where an explicit authorization is to be granted.
Keywords
XML Documents; XML Schema; XML Access Authorization; Authorization Grant;
Citations & Related Records
Times Cited By KSCI : 3  (Citation Analysis)
연도 인용수 순위
1 T. Bray et al., Extensible Markup Language (XML) 1.0. W3C Recommendation, http://www.w3.org/TR/2008/REC-xml-20081126/, Nov. 2008.
2 여대휘, 이종학, "XML 필터링 질의의 효율적 처리를 위한 이차원 그룹핑 색인기법," 정보기술아키텍처연구, 제10권 제1호, pp. 123-135, 2013년 3월
3 C. H. Lim and S. Park and S. H. Son, "Access Control of XML Documents Considering Update Operations," In Proc. 10th ACM workshop on XML Security, Fairfax, VA, USA, 2003.
4 D. Eastlake et al., XML Signature Syntax and Processing Version 1.1. W3C Recommendation, http://www.w3.org/TR/2013/REC-xmldsig-core1-20130411/, Apr. 2013
5 문훙근외 2인, "기업용 Endpoint 보안솔루션 도입을 위한 의사결정 프로세스에 대한 연구," 정보기술아키텍처연구, 제11권 2호, pp. 143-155, 2014년 6월.
6 E. Damiani, S. Vimercati, S. Paraboschi, and P. Samariti, "Design and implementation of an access control processor for XML Documents," Computer Networks, Vol 33, No. 1-6. pp. 59-75, Jun. 2000.   DOI   ScienceOn
7 강정모, 이헌길, "XML 문서를 위한 묵시적 권한부여 기법," 한국정보과학회 2007년도 봄 학술발표논문집, 제 1호(A), 한국정보과학회, pp. 700-702, 2007년 4월.
8 F. Rabitti et al., "A Model of Authorization for Next-Generation Database Systems," ACM Trans. on Database Systems, Vol. 16, No. 1, pp. 88-131, 1991.   DOI
9 손태종외 3인, "객체지향 데이터베이스 시스템에서의 권한 충돌 탐지 기법," 한국정보과학회 학술발표논문집, 제 24권 제 2호(I), pp. 55-58, 1997년 10월.
10 J. N. Gray, R. A. Lorie and G. R. Putzolu, "Granularity of Locks in a Shared DataBase," In Proc. Int'l Conf. on Very Large DataBases, Framingham, Massachusetts, pp. 428-451, Sept. 1975.
11 W. Kim, E. Bertino and J. Garza, "Composite Objects Revisited," In Proc. Int'l Conf. on Management of Data, ACM SIGMOD, Portland, Oregon, pp. 337-347, 1989.
12 D. Peterson et al., W3C XML Schema Definition Language (XSD) 1.1 Part 2: Datatypes, http://www.w3.org/TR/2012/REC-xmlschema11-2-20120405/, Apr. 2012.
13 M. Kudo and S. Hada, "XML Document Security Based on Provisional Authorization," In Proc. 7th ACM Conf. on Computer and Communications Security, Athens, Greece, pp. 87-96, Nov. 2000.
14 E. Bertino, F. Bucafurri, D. Ferrari and P. Rullo, "An Authorization Model and Its Formal Semantics," In Proc. 5th European Symposium on Research in Computer Security, pp. 127-142, Sep. 1998.
15 W. Kim, Introduction to Object-Oriented Databases, MIT Press, 1990.
16 S. M. Jo et al., "Access Authorization Policy for XML Document Security," In Proc. Int'l Symp. on Parallel and Distributed Processing and Applications ISPA Workshops 2005, Vol. 3759, pp. 589-598, 2005.
17 조선문, 정경용, "XML 문서 보안을 위한 효율적인 권한 부여 방법," 한국콘텐츠학회논문지, 제9권 제8호, 한국콘텐츠학회, pp. 113-120, 2009년 8월.