Proceedings of the 2003 ACM Workshop on XML Security 2003
DOI: 10.1145/968559.968567
|View full text |Cite
|
Sign up to set email alerts
|

RDF metadata for XML access control

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

0
13
0

Year Published

2005
2005
2009
2009

Publication Types

Select...
5
2
1

Relationship

0
8

Authors

Journals

citations
Cited by 18 publications
(13 citation statements)
references
References 15 publications
0
13
0
Order By: Relevance
“…Several papers consider the case of evolving access control policies expressed in XQuery [25] and by means of RDF [3,28]. Such policies can be used for a derivation of new access control rules including content-based constraints of requested and other documents, environmental information like time and place of request initiator,and information about possessed privileges.…”
Section: Runtime Policy Evaluationmentioning
confidence: 99%
“…Several papers consider the case of evolving access control policies expressed in XQuery [25] and by means of RDF [3,28]. Such policies can be used for a derivation of new access control rules including content-based constraints of requested and other documents, environmental information like time and place of request initiator,and information about possessed privileges.…”
Section: Runtime Policy Evaluationmentioning
confidence: 99%
“…<!DOCTYPE patientrecords[ <!ELEMENT patientrecords(patient*)> <!ELEMENT patient(ssn,name,phone,age,race,diagnosis*)> <!ELEMENT ssn(#PCDATA)> <!ELEMENT name(#PCDATA)> <!ELEMENT phone(#PCDATA)> <!ELEMENT birthdate(#PCDATA)> <!ELEMENT race(#PCDATA)> <!ELEMENT diagnosis(date,physician,comment*,presecription*)> <!ELEMENT date(#PCDATA)> <!ELEMENT physician(#PCDATA)> <!ELEMENT comment(#PCDATA)> <!ELEMENT prescription(#PCDATA)> <!ELEMENT allergies(allergen* The RXACL architecture, introduced in Gowadia and Farkas (2003), provides flexible access control granularity by allowing security classification of XML nodes and subtrees (simple security objects), and associations among nodes (association security objects). In Gowadia and Farkas (2003) we proposed a technique to enforce association-based access control at data-level (i.e., check for security violation after query processing) and it is outside the scope of this paper.…”
Section: Introductionmentioning
confidence: 99%
“…In Gowadia and Farkas (2003) we proposed a technique to enforce association-based access control at data-level (i.e., check for security violation after query processing) and it is outside the scope of this paper. In this paper we extend RXACL architecture by presenting techniques for performing a security check before the query is processed.…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…The query is submitted to XML query engine for further processing. The result of unsafe query's evaluation are further evaluated for possible data-level violations as described in Gowadia and Farkas (2003). Answer to safe queries is returned to user without further security analysis.…”
Section: Introductionmentioning
confidence: 99%