XML Access Control for Semantically Related XML Documents & A Role-Based Approach to Access Control For XML Databases BY Asheesh.


1 XML Access Control for Semantically Related XML Documents & A Role-Based Approach to Access Control For XML Databases BY Asheesh Kumar AXK0656 April 27, 2006

2 XML Access Control for Semantically Related XML Documents
Vijay Parmar and Hongchi Shi, Department of Computer Science & Computer Engineering, University of Missouri-Columbia, USA
Su-Shing Chen, Dept of Computer & Information Science & Engineering, University of Florida, USA

3 A Role-Based Approach to Access Control for XML Databases
Zingzhu Wang, Department of Computer Science, University of Western Ontario, Canada
Su-Shing Chen, Department of Computer Science, University of Western Ontario, Canada

4 XML Access Control for Semantically Related XML Documents
- XML is the most preferred way to store & exchange information
- The need to provide controlled access to such information is imminent
- The authors propose an access control policy & mechanism for a collection of semantically related XML documents

5 Features of proposed access control mechanism
- It is developed for semantically related XML documents
- Access control conditions can be specified based on the contents of the document
- Access control is role based

6
- Assume that each XML document resembles an entity playing a certain role
- Each entity has certain relationships with other entities (XML documents)
- An access request may result in data coming from more than one document in the collection
- Because of these semantic relationships, a document playing a certain role can have access to other entities playing a different role

7 Sample relationships of entities playing particular role

8 Relationship between entities (XML documents)

9 Observations for Access Control Policy
- XML documents are not accessed by document name
- An entity playing a role may request data from the collection of XML documents by giving a general request over the whole collection
- The requesting entity's identification & role cause the access control mechanism to restrict its access according to the access control policy
- All documents in the collection must comply with the same DTD, so all entities playing a similar role have the same structure but different content

10 Overview of Access Control Policy Specification
- The Access Control Policy DTD

11 Operation types and execution
- Read
- Write
- Create
- Delete
Operations are performed by first querying the XML document collection with the XPath query expression provided in the access request

12 Steps involved in Read Operation
- The XPath query is processed on the collection of XML documents
- The results are checked against the list of allowed elements for the read operation under the appropriate role
- The result of the above step leaves a set of document fragments that is further checked against the access control conditions
- The condition for each allowed element and sub-element is checked
- If the conditions are satisfied, the contents of the allowed element are not deleted

13 A sample Read operation

14

15 Condition Specification
- Conditions indicate constraints on access to a particular allowed element for a specific operation
- The presence of an element's name in the allowed element list indicates that it is allowed for access for a particular role only if the conditions are satisfied
- Conditions can be specified in the access control policy document with the 'condition' element
- AND & OR conditions

16

17 Condition types
- Prohibit
- Equals
- Exists
- NotExists

18 A sample Condition Specification

19 A student is not allowed to update his grades but allowed to view them
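
Added example (not from the presentation or the papers it summarizes): a Python rendering of the read steps on slide 12, the condition types on slide 17 and the grade rule on slide 19. The policy dictionary, the element names, the `$requester` placeholder and the exact meaning of each condition type are assumptions, because the slides do not reproduce the policy DTD.

```python
import xml.etree.ElementTree as ET

# Constructed collection: one <student> document per entity (names are assumptions).
COLLECTION = ET.fromstring(
    "<collection>"
    "<student><id>s1</id><name>Ann</name><grade>A</grade><ssn>111</ssn></student>"
    "<student><id>s2</id><name>Bob</name><grade>C</grade><ssn>222</ssn></student>"
    "</collection>")

# Hypothetical policy shape: role -> operation -> allowed element -> AND-ed conditions.
POLICY = {"student": {
    "read": {"student": [], "id": [], "name": [],
             "grade": [("Equals", "id", "$requester")],   # own grade only
             "ssn": [("Prohibit",)]},
    "write": {"name": [("Equals", "id", "$requester")],
              "grade": [("Prohibit",)]}}}                 # view but never update

def holds(cond, doc, requester):
    """Assumed semantics for the four condition types, checked against one document."""
    kind, *args = cond
    if kind == "Exists":
        return doc.find(args[0]) is not None
    if kind == "NotExists":
        return doc.find(args[0]) is None
    if kind == "Equals":
        want = requester if args[1] == "$requester" else args[1]
        return doc.findtext(args[0]) == want
    return False  # "Prohibit" and any unknown type deny (fail closed)

def permitted(role, op, tag, doc, requester):
    # An element absent from the allowed list is denied outright.
    conds = POLICY.get(role, {}).get(op, {}).get(tag)
    return conds is not None and all(holds(c, doc, requester) for c in conds)

def prune(node, doc, role, requester):
    """Copy node, dropping elements not allowed for read or failing a condition."""
    if not permitted(role, "read", node.tag, doc, requester):
        return None
    out = ET.Element(node.tag, node.attrib)
    out.text = node.text
    kids = [prune(c, doc, role, requester) for c in node]
    out.extend([k for k in kids if k is not None])
    return out

def read(role, requester, xpath):
    """Run the query over every document in the collection, then filter the hits."""
    hits = [prune(n, doc, role, requester)
            for doc in COLLECTION for n in doc.findall(xpath)]
    return [ET.tostring(h, encoding="unicode") for h in hits if h is not None]
```

Conditions are evaluated against the original document rather than the pruned copy, so a condition can refer to an element the requester is not allowed to see.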

20 Overall Access control model

21 A Role-Based Approach to Access Control for XML Databases
- Propose to combine Role Graph Model, Authorization Type Graph and Authorization Object Schema, Authorization Object Graph
- Group of permissions -> Role -> assigned to users
- Permissions are privileges
- Privileges are made up of an object and an access mode (read/write etc.)
- The object part of an XML database is any part of XML

22 Example Role Graph

23 Authorization Object Schema for example

24 Authorization Object Graph for example

25 Authorization Type Graph

26 Authorization Association Matrix

27

28 Thank You Asheesh Kumar AXK0656

