Using Schemas to Simplify Access Control for XML Documents

13 years 11 months ago
Using Schemas to Simplify Access Control for XML Documents
Abstract. Organizations are increasingly using the the eXtensible Markup Language (XML) for document representation and exchange on the Web. To protect an XML document from unauthorized access, authorizations are specified on the XML document itself or on the Document Type Definition (DTD) that defines the type of the XML document. Each XML document or DTD is associated with an XML Access Sheet (XAS) that specifies the authorizations. The DTD not being an XML document complicates the specification and enforcement of authorization policies. To overcome the above mentioned problem, XML Schemas need to be used instead of DTDs. In this paper, we show how XAS DTDs can be specified using XML Schemas and propose an access control architecture that can process XAS authorizations. Enforcement of access control allows users to view only those parts of the documents that they are authorized to view. These parts may not conform to the schema of the original document and hence may not be vali...
Indrakshi Ray, Marianna Muller
Added 01 Jul 2010
Updated 01 Jul 2010
Type Conference
Year 2004
Authors Indrakshi Ray, Marianna Muller
Comments (0)