Towards Secure XML Federations

The integration of isolated XML repositories has drawn more and more interest recently. In this paper, we propose XML federations to provide global e-services while preserving the necessary autonomy and security of each individual repository. First we show a logical architecture of XML federations, which is adapted from the common architecture of traditional federated databases according to the unique requirements of XML federations. On the basis of the architecture, we address security issues of XML federations, especially the authentication and authorization of federation users. We point out several problems in applying existing access control schemes and give our solutions.
