A purpose-based access control in native XML databases

Sun, Lili and Wang, Hua (2012) A purpose-based access control in native XML databases. Concurrency and Computation: Practice and Experience, 24 (10). pp. 1154-1166. ISSN 1532-0626


With the growing importance of privacy in data access, much research has been done on the privacy protecting technology in the recent years. Developing an access control model and related mechanisms to support a selective access data has become important. The extensible markup language (XML) is rapidly emerging as the new standard language for semi-structured data representation and exchange on the Internet with more and more information being distributed in XML format. In this paper, we present a comprehensive approach for privacy preserving access control based on the notion of purpose. In our model, purpose information associated with a given data element in an XML document specifies the intended use of the data elements. An important issue addressed in this paper is the granularity of data labeling for data elements in XML documents and tree databases with which purposes can be associated. We address this issue in native XML databases and propose different labeling schemes for XML documents. We also propose an approach to represent purpose information to support access control based on purpose information. Our proposed solution relies on usage access control models as well as the components that are based on the notions of the purpose information used in subjects and objects. Finally, comparisons with related works are analysed.

Statistics for USQ ePrint 19213
Statistics for this ePrint Item
Item Type: Article (Commonwealth Reporting Category C)
Refereed: Yes
Item Status: Live Archive
Additional Information: © 2011 John Wiley & Sons, Ltd. Permanent restricted access to published version due to publisher copyright policy.
Faculty / Department / School: Historic - Faculty of Sciences - Department of Maths and Computing
Date Deposited: 01 Jan 2013 00:17
Last Modified: 20 Feb 2015 04:19
Uncontrolled Keywords: authorization; native XML databases; purpose; usage access control
Fields of Research : 08 Information and Computing Sciences > 0806 Information Systems > 080604 Database Management
08 Information and Computing Sciences > 0803 Computer Software > 080303 Computer System Security
15 Commerce, Management, Tourism and Services > 1503 Business and Management > 150307 Innovation and Technology Management
Socio-Economic Objective: E Expanding Knowledge > 97 Expanding Knowledge > 970108 Expanding Knowledge in the Information and Computing Sciences
Identification Number or DOI: 10.1002/cpe.1717
URI: http://eprints.usq.edu.au/id/eprint/19213

Actions (login required)

View Item Archive Repository Staff Only