论文信息 - A flexible mandatory access control policy for XML databases

A flexible mandatory access control policy for XML databases

A flexible mandatory access control policy (MAC) for XML databases is presented in this paper. The label type and label access policy can be defined according to the requirements of applications. In order to preserve the integrity of data in XML databases, a constraint between a read access rule and a write access rule in label access policy is introduced. Rules for label assignment and propagation are proposed to alleviate the workload of label assignment. Also, a solution for resolving conflicts of label assignments is proposed. At last, operations for implementation of the MAC policy in a XML database are illustrated.

Hong Zhu | Kevin Lü | Renchao Jin

[1] D. Elliott Bell,et al. Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .

[2] Yuan Xiao. The Model of Mandatory Access Control with Extended Security Label , 2000 .

[3] Paul Bird,et al. A Multi-Purpose Implementation of Mandatory Access Control in Relational Database Management Systems , 2004, VLDB.

[4] Laks V. S. Lakshmanan,et al. Optimizing the Secure Evaluation of Twig Queries , 2002, VLDB.

[5] Jianhua Li,et al. Enforce Mandatory Access Control Policy on XML Documents , 2005, ICICS.

[6] Steven J. DeRose,et al. XML Path Language (XPath) , 1999 .

[7] Sabrina De Capitani di Vimercati,et al. A fine-grained access control system for XML documents , 2002, TSEC.