A secure solution for commercial digital libraries

Distributed systems usually contain objects with heterogeneous security requirements, which pose important challenges for the underlying security mechanisms, especially access control systems. Access control in distributed systems often relies on centralised security administration, and existing solutions for distributed access control do not provide the flexibility and manageability required. This paper presents the XML‐based secure content distribution (XSCD) infrastructure, which is based on the production of protected software objects that convey contents (software or data) and can be distributed without further security measures because they embed the access control enforcement mechanism. It also provides means for integrating privilege management infrastructures (PMIs). Semantic information is used in the dynamic instantiation and semantic validation of policies. XSCD is scalable, facilitates the administration of the access control system, guarantees the secure distribution of the contents, enables semantic integration and interoperability of heterogeneous sources, provides persistent protection and allows actions (such as payment) to be bound to the access to objects.
