Abstract
XML has been widely adopted for Web data representation under various applications (such as DBMSs, Digital Libraries etc). Therefore, access to XML data sources has become a crucial issue. In this paper we introduce a credential-based access control framework for protecting XML resources. Under this framework, we propose the use of access policy files containing policies concerning a specific credentials type. Moreover, we propose the reorganization of the policies in these files based on their frequency of use (the more frequently it is used the higher in the file it is placed). Our main goal is to improve request servicing times. Several experiments have been conducted which are carried out either on single request or on multiple requests base. The proposed framework is proven quite beneficial for protecting XML-based frameworks such as digital libraries or any other data resources whose format is expressed in XML.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Adam, R., Atluri, N.R., Bertino, V., Ferrari, E.E.: A Content-based Authorization Model for Digital Libraries. IEEE Transactions on Knowledge and Data Engineering 14(2), 296–315 (2002)
Bertino, E., Castano, S., Ferrari, E.: Securing XML Documents with Author-X. IEEE Internet Computing, 21–31 (May-June 2001)
Bertino, E., Ferrari, E., Perego, A.: MaX: An Access Control System for Digital Libraries and the Web. In: Proceedings of IEEE Int. Computer Software and Applications Conference, Oxford, England (2002)
Carminati, B., Ferrari, E.: AC-XML Documents: Improving the Performance of a Web Access Control Module. In: Proceedings of the 10th ACM Symposium of Access Control Models and Technologies, Stockholm, Sweden (2005)
Murata, M., Tozawa, A., Kudo, M., Hada, S.: XML Access Control Using Static Analysis. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, Washington (2003)
Pallis, G., Stoupa, K., Vakali, A.: Storage and Access Control Issues for XML Documents. In: Taniar, D., Rahayu, J.W. (eds.) Web Information Systems, pp. 104–140. Idea Group Publishing (2004)
Sandhu, R.S., Coyne, E.J., Feinstein, H.L.: Role-Based Access Control Models. IEEE Computer, 38–47 (1996)
Stoupa, K., Vakali, A.: Policies for Web Security Services. In: Ferrari, E., Thuraisingham, B. (eds.) Web and Information Security, pp. 52–72. Idea Group Publishing (2006)
Winslett, M., Ching, N., Jones, V., Slepchin, I.: Using Digital Credentials on the World-Wide Web. Journal on Computer Security 5, 255–267 (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Stoupa, K., Simeoforidis, Z., Vakali, A. (2006). Credential-Based Policies Management in an Access Control Framework Protecting XML Resources. In: Levi, A., Savaş, E., Yenigün, H., Balcısoy, S., Saygın, Y. (eds) Computer and Information Sciences – ISCIS 2006. ISCIS 2006. Lecture Notes in Computer Science, vol 4263. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11902140_64
Download citation
DOI: https://doi.org/10.1007/11902140_64
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-47242-1
Online ISBN: 978-3-540-47243-8
eBook Packages: Computer ScienceComputer Science (R0)