Translating content-based authorizations for XML documents

Somchai Chatvichienchai, Mizuho Iwaihara, Yahiko Kambayashi

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Access control policies of XML documents are often specified based on user roles and data content of the documents. Content-based authorization is crucial for providing fine-grained access control to data in XML document. Since authorization rules (authorizations, for short) use path expressions of XPath for locating data in documents, authorization definition is related to structure of the document. However, the structure of XML documents tends to change by various reasons such as application extension and information exchange between organizations. Therefore, authorizations must be revised whenever they become incompatible with a new structure of the document. As far as we know, no previous work has discussed the problem of transforming content-based authorizations for XML documents by using schema mapping information. We define classes for schema and document transformations that allow transforming authorizations without access to source and target XML documents. We propose an algorithm that computes authorizations of role-based access control (RBAC) model for a target DTD instance from given RBAC authorizations of a source DTD instance and schema mapping information under the specified classes of schema and document transformations while preserving the authorization policy of the source DTD instance.

Original languageEnglish
Title of host publicationProceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages103-112
Number of pages10
ISBN (Print)0769519997, 9780769519999
DOIs
Publication statusPublished - 2003
Externally publishedYes
Event4th International Conference on Web Information Systems Engineering, WISE 2003 - Roma, Italy
Duration: 2003 Dec 102003 Dec 12

Other

Other4th International Conference on Web Information Systems Engineering, WISE 2003
CountryItaly
CityRoma
Period03/12/1003/12/12

Fingerprint

XML
Access control

Keywords

  • Authorizations
  • Document transformation
  • Role-based access control
  • Schema transformation
  • XML documents

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems
  • Control and Systems Engineering

Cite this

Chatvichienchai, S., Iwaihara, M., & Kambayashi, Y. (2003). Translating content-based authorizations for XML documents. In Proceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003 (pp. 103-112). [1254474] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/WISE.2003.1254474

Translating content-based authorizations for XML documents. / Chatvichienchai, Somchai; Iwaihara, Mizuho; Kambayashi, Yahiko.

Proceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003. Institute of Electrical and Electronics Engineers Inc., 2003. p. 103-112 1254474.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Chatvichienchai, S, Iwaihara, M & Kambayashi, Y 2003, Translating content-based authorizations for XML documents. in Proceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003., 1254474, Institute of Electrical and Electronics Engineers Inc., pp. 103-112, 4th International Conference on Web Information Systems Engineering, WISE 2003, Roma, Italy, 03/12/10. https://doi.org/10.1109/WISE.2003.1254474
Chatvichienchai S, Iwaihara M, Kambayashi Y. Translating content-based authorizations for XML documents. In Proceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003. Institute of Electrical and Electronics Engineers Inc. 2003. p. 103-112. 1254474 https://doi.org/10.1109/WISE.2003.1254474
Chatvichienchai, Somchai ; Iwaihara, Mizuho ; Kambayashi, Yahiko. / Translating content-based authorizations for XML documents. Proceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003. Institute of Electrical and Electronics Engineers Inc., 2003. pp. 103-112
@inproceedings{63b986ce91214a0ba65494c8c614fb68,
title = "Translating content-based authorizations for XML documents",
abstract = "Access control policies of XML documents are often specified based on user roles and data content of the documents. Content-based authorization is crucial for providing fine-grained access control to data in XML document. Since authorization rules (authorizations, for short) use path expressions of XPath for locating data in documents, authorization definition is related to structure of the document. However, the structure of XML documents tends to change by various reasons such as application extension and information exchange between organizations. Therefore, authorizations must be revised whenever they become incompatible with a new structure of the document. As far as we know, no previous work has discussed the problem of transforming content-based authorizations for XML documents by using schema mapping information. We define classes for schema and document transformations that allow transforming authorizations without access to source and target XML documents. We propose an algorithm that computes authorizations of role-based access control (RBAC) model for a target DTD instance from given RBAC authorizations of a source DTD instance and schema mapping information under the specified classes of schema and document transformations while preserving the authorization policy of the source DTD instance.",
keywords = "Authorizations, Document transformation, Role-based access control, Schema transformation, XML documents",
author = "Somchai Chatvichienchai and Mizuho Iwaihara and Yahiko Kambayashi",
year = "2003",
doi = "10.1109/WISE.2003.1254474",
language = "English",
isbn = "0769519997",
pages = "103--112",
booktitle = "Proceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Translating content-based authorizations for XML documents

AU - Chatvichienchai, Somchai

AU - Iwaihara, Mizuho

AU - Kambayashi, Yahiko

PY - 2003

Y1 - 2003

N2 - Access control policies of XML documents are often specified based on user roles and data content of the documents. Content-based authorization is crucial for providing fine-grained access control to data in XML document. Since authorization rules (authorizations, for short) use path expressions of XPath for locating data in documents, authorization definition is related to structure of the document. However, the structure of XML documents tends to change by various reasons such as application extension and information exchange between organizations. Therefore, authorizations must be revised whenever they become incompatible with a new structure of the document. As far as we know, no previous work has discussed the problem of transforming content-based authorizations for XML documents by using schema mapping information. We define classes for schema and document transformations that allow transforming authorizations without access to source and target XML documents. We propose an algorithm that computes authorizations of role-based access control (RBAC) model for a target DTD instance from given RBAC authorizations of a source DTD instance and schema mapping information under the specified classes of schema and document transformations while preserving the authorization policy of the source DTD instance.

AB - Access control policies of XML documents are often specified based on user roles and data content of the documents. Content-based authorization is crucial for providing fine-grained access control to data in XML document. Since authorization rules (authorizations, for short) use path expressions of XPath for locating data in documents, authorization definition is related to structure of the document. However, the structure of XML documents tends to change by various reasons such as application extension and information exchange between organizations. Therefore, authorizations must be revised whenever they become incompatible with a new structure of the document. As far as we know, no previous work has discussed the problem of transforming content-based authorizations for XML documents by using schema mapping information. We define classes for schema and document transformations that allow transforming authorizations without access to source and target XML documents. We propose an algorithm that computes authorizations of role-based access control (RBAC) model for a target DTD instance from given RBAC authorizations of a source DTD instance and schema mapping information under the specified classes of schema and document transformations while preserving the authorization policy of the source DTD instance.

KW - Authorizations

KW - Document transformation

KW - Role-based access control

KW - Schema transformation

KW - XML documents

UR - http://www.scopus.com/inward/record.url?scp=10444245230&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=10444245230&partnerID=8YFLogxK

U2 - 10.1109/WISE.2003.1254474

DO - 10.1109/WISE.2003.1254474

M3 - Conference contribution

SN - 0769519997

SN - 9780769519999

SP - 103

EP - 112

BT - Proceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003

PB - Institute of Electrical and Electronics Engineers Inc.

ER -