Regulating Access To Semistructured Information on the Web

The remarkable growth of the World Wide Web in recent years has made it possible to distribute information to users in the form of an unorganized and unstructured collection of documents. While security is an important aspect in such a scenario, access control systems available today result too rigid and limited. We present an approach to specify and enforce access restrictions to Web documents. The approach provides flexible, as it allows to enforce a variety of security policies and requirements at a fine-grained level without affecting the data organization.

[1]  Steven J. DeRose,et al.  XML Path Language (XPath) Version 1.0 , 1999 .

[2]  C. M. Sperberg-McQueen,et al.  eXtensible Markup Language (XML) 1.0 (Second Edition) , 2000 .

[3]  Elisa Bertino,et al.  An Authorization Model for a Distributed Hypertext System , 1996, IEEE Trans. Knowl. Data Eng..

[4]  Sophie Cluet,et al.  Your mediators need data conversion! , 1998, SIGMOD '98.

[5]  Jennifer Widom,et al.  Object exchange across heterogeneous information sources , 1995, Proceedings of the Eleventh International Conference on Data Engineering.

[6]  Teresa F. Lunt,et al.  Access Control Policies for Database Systems , 1988, DBSec.

[7]  Atwell R. Turquette,et al.  On the Many-Valued Logics , 1941 .

[8]  Roy Goldman,et al.  From Semistructured Data to XML: Migrating the Lore Data Model and Query Language , 1999, Markup Lang..

[9]  Sushil Jajodia,et al.  A logical language for expressing authorizations , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[10]  Peter Buneman,et al.  Semistructured data , 1997, PODS.

[11]  C. M. Sperberg-McQueen,et al.  Extensible Markup Language (XML) , 1997, World Wide Web J..

[12]  Ernesto Damiani,et al.  Securing XML Documents , 2000, EDBT.