TY - GEN
T1 - Translating content-based authorizations for XML documents
AU - Chatvichienchai, Somchai
AU - Iwaihara, Mizuho
AU - Kambayashi, Yahiko
PY - 2003/1/1
Y1 - 2003/1/1
N2 - Access control policies of XML documents are often specified based on user roles and data content of the documents. Content-based authorization is crucial for providing fine-grained access control to data in XML document. Since authorization rules (authorizations, for short) use path expressions of XPath for locating data in documents, authorization definition is related to structure of the document. However, the structure of XML documents tends to change by various reasons such as application extension and information exchange between organizations. Therefore, authorizations must be revised whenever they become incompatible with a new structure of the document. As far as we know, no previous work has discussed the problem of transforming content-based authorizations for XML documents by using schema mapping information. We define classes for schema and document transformations that allow transforming authorizations without access to source and target XML documents. We propose an algorithm that computes authorizations of role-based access control (RBAC) model for a target DTD instance from given RBAC authorizations of a source DTD instance and schema mapping information under the specified classes of schema and document transformations while preserving the authorization policy of the source DTD instance.
AB - Access control policies of XML documents are often specified based on user roles and data content of the documents. Content-based authorization is crucial for providing fine-grained access control to data in XML document. Since authorization rules (authorizations, for short) use path expressions of XPath for locating data in documents, authorization definition is related to structure of the document. However, the structure of XML documents tends to change by various reasons such as application extension and information exchange between organizations. Therefore, authorizations must be revised whenever they become incompatible with a new structure of the document. As far as we know, no previous work has discussed the problem of transforming content-based authorizations for XML documents by using schema mapping information. We define classes for schema and document transformations that allow transforming authorizations without access to source and target XML documents. We propose an algorithm that computes authorizations of role-based access control (RBAC) model for a target DTD instance from given RBAC authorizations of a source DTD instance and schema mapping information under the specified classes of schema and document transformations while preserving the authorization policy of the source DTD instance.
KW - Authorizations
KW - Document transformation
KW - Role-based access control
KW - Schema transformation
KW - XML documents
UR - http://www.scopus.com/inward/record.url?scp=10444245230&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=10444245230&partnerID=8YFLogxK
U2 - 10.1109/WISE.2003.1254474
DO - 10.1109/WISE.2003.1254474
M3 - Conference contribution
AN - SCOPUS:10444245230
T3 - Proceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003
SP - 103
EP - 112
BT - Proceedings - 4th International Conference on Web Information Systems Engineering, WISE 2003
A2 - Mecella, Massimo
A2 - Mylopoulos, John
A2 - Orlowska, Maria E.
A2 - Catarci, Tiziana
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 4th International Conference on Web Information Systems Engineering, WISE 2003
Y2 - 10 December 2003 through 12 December 2003
ER -