A Framework for a File View Model in Intranets

Today, a new security problem is arising in intranets. The threats from inside an organization account for a rapidly increasing proportion of losses. The DAC (Discretionary Access Control) model, which is the primary access control mechanism in most intranets, is main responsibility for this state of affairs. Users can make a duplicate of a confidential document for which they only have read authorization. They can then grant access rights the replication to others who did not previously have authorization. This transformation of authorizations would result in the contents being divulged to unauthorized users. This paper proposes a concept of “File View” to solve this security problem in intranets. First, the paper proposes a hierarchy of file views which are used to structure availability of reference to database views. However there are some challenges in extending this proposal to file systems because of differences between the two. The paper proposes a framework for a file view model to solve these challenges. Finally, under three assumptions, it discusses access control and proposes read and write process algorithms for secured access in this framework.

[1]  Tok Wang Ling,et al.  Update XML Data by Using Graphical Languages , 2007, ER.

[2]  Benedict G. E. Wiedemann Protection? , 1998, Science.

[3]  Wenfei Fan,et al.  Updating Recursive XML Views of Relations , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[4]  Gao Cong Query and Update Through XML Views , 2007, DNIS.

[5]  Wenfei Fan,et al.  Secure XML querying with security views , 2004, SIGMOD '04.

[6]  C. M. Sperberg-McQueen,et al.  eXtensible Markup Language (XML) 1.0 (Second Edition) , 2000 .

[7]  Max Crochemore,et al.  The Computer Science and Engineering Handbook , 2004 .

[8]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[9]  Tao Li,et al.  File View: Secure Model in Intranet , 2009, 2009 International Conference on Networking and Digital Society.

[10]  Allen B. Tucker,et al.  Authentication, Access Control, and Intrusion Detection , 2004 .

[11]  Xml Db Initiative XUpdate-XML Update Language , 2003 .

[12]  Hua Zhang,et al.  Secure Files Management System in Intranet , 2008, 2008 International Conference on Internet Computing in Science and Engineering.

[13]  C. M. Sperberg-McQueen,et al.  Extensible Markup Language (XML) , 1997, World Wide Web J..

[14]  Wayne Salamon,et al.  Implementing SELinux as a Linux Security Module , 2003 .

[15]  Stephen Smalley,et al.  Integrating Flexible Support for Security Policies into the Linux Operating System , 2001, USENIX Annual Technical Conference, FREENIX Track.

[16]  Ravi S. Sandhu,et al.  How to do discretionary access control using roles , 1998, RBAC '98.

[17]  Ravi S. Sandhu,et al.  Lattice-based access control models , 1993, Computer.

[18]  P. Samarati,et al.  Access control: principle and practice , 1994, IEEE Communications Magazine.

[19]  P. S. Tasker,et al.  DEPARTMENT OF DEFENSE TRUSTED COMPUTER SYSTEM EVALUATION CRITERIA , 1985 .

[20]  Pierangela Samarati,et al.  Authentication, Access Controls, and Intrusion Detection , 1997, The Computer Science and Engineering Handbook.

[21]  Elisa Bertino,et al.  A View Mechanism for Object-Oriented Databases , 1992, EDBT.

[22]  Susan B. Davidson,et al.  From XML View Updates to Relational View Updates: old solutions to a new problem , 2004, VLDB.

[23]  Steven J. DeRose,et al.  XML Path Language (XPath) Version 1.0 , 1999 .

[24]  Ernesto Damiani,et al.  Securely Updating XML , 2007, KES.