The eXtensible Markup Language (XML) is recognized as a simple and universal standard for storing and exchanging information on the web. The risk of unauthorized leakage of this information mandates the use of access control at various levels of granularity. In this paper, we extend to the context of XML documents the notion of Observation-based Fine Grained Access Control (OFGAC) which was originally designed for the relational databases. In this setting, data are made accessible at various levels of abstractions depending on their sensitivity level. Therefore, unauthorized users are not able to infer the exact content of an attribute or element containing partial sensitive information, while they are allowed to get a relaxed view of it, according to their access rights, represented by a specific property.
Observation-Based Fine Grained Access Control for XML Documents
HALDER, RAJU;CORTESI, Agostino
2011-01-01
Abstract
The eXtensible Markup Language (XML) is recognized as a simple and universal standard for storing and exchanging information on the web. The risk of unauthorized leakage of this information mandates the use of access control at various levels of granularity. In this paper, we extend to the context of XML documents the notion of Observation-based Fine Grained Access Control (OFGAC) which was originally designed for the relational databases. In this setting, data are made accessible at various levels of abstractions depending on their sensitivity level. Therefore, unauthorized users are not able to infer the exact content of an attribute or element containing partial sensitive information, while they are allowed to get a relaxed view of it, according to their access rights, represented by a specific property.
| File | Dimensione | Formato | |
|---|---|---|---|
|
cisim_halder.pdf
non disponibili
Tipologia:
Documento in Pre-print
Licenza:
Accesso chiuso-personale
Dimensione
141.06 kB
Formato
Adobe PDF
|
141.06 kB | Adobe PDF | Visualizza/Apri |
I documenti in ARCA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
