Sun, Lili and Wang, Hua and Jururajin, Raj and Sriprakash, Sri (2010) A purpose based access control in XML databases system. In: NSS 2010: 4th International Conference on Network and System Security, 1-3 Sep 2010, Melbourne, Australia.
With the growing importance of privacy in data access, much research has been done on the privacy protecting technology in recent years. Developing an access control model and related mechanisms to support a selective access data become important. The extensible markup language (XML) is rapidly emerging as the new standard language for semi-structured data representation and exchange on the Internet. And now more and more information is distributed in XML format. In this article, we present a comprehensive approach for privacy preserving access control based on the notion of purpose. In our model, purpose information associated with a given data elements in an XML document specifies the intended use of the data elements. An important issue addressed in this article is the granularity of data labeling for data elements in XML documents and tree databases with which purposes can be associated. We address this issue in XML databases and propose different labeling schemes for XML documents. We also propose an approach to represent purpose information to support access control based on purpose information. Our proposed solution relies on usage access control (UAC) models as well as the components which based on the notions of the purpose information used in subjects and objects. Finally, comparisons with related works are analysed.
|Item Type:||Conference or Workshop Item (Commonwealth Reporting Category E) (Paper)|
|Additional Information:||Permanent restricted access to Published version, due to publisher copyright restrictions. This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder. Copyright 2010 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.|
|Uncontrolled Keywords:||access control models; authorization; data access; labeling scheme; privacy preserving; privacy protecting; semi structured data; tree database; usage access control; XML database; XML databases; XML format|
|Depositing User:||Dr Hua Wang|
|Date Deposited:||07 Jan 2011 03:23|
|Last Modified:||02 Jul 2013 23:59|
Actions (login required)
|Archive Repository Staff Only|