1 / 28

____________________________

____________________________. XML Access Control for Semantically Related XML Documents & A Role-Based Approach to Access Control For XML Databases BY Asheesh Kumar AXK0656 April 27, 2006.

lawrencia-benedict
Download Presentation

____________________________

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ____________________________ XML Access Control for Semantically Related XML Documents & A Role-Based Approach to Access Control For XML Databases BY Asheesh Kumar AXK0656 April 27, 2006

  2. XML Access Control for Semantically Related XML Documents_____________________________________________ • Vijay Parmar and Hongchi Shi Department of Computer Science & Computer Engineering University of Missouri- Columbia, USA • Su-Shing Chen Dept of computer & Information Science & Engineering University of Florida, USA

  3. A Role-Based Approach to Access Control for XML Databases_____________________________________________ • Zingzhu Wang Department of Computer Science University of Western Ontario, Canada • Su-Shing Chen Department of Computer Science University of Western Ontario, Canada

  4. XML Access Control for Semantically Related XML Documents _____________________________________________ • XML most preferred way to store & exchange information • Need to provide controlled access to such information is imminent • Authors propose an access control policy & mechanism for a collection of semantically related XML documents

  5. XML Access Control for Semantically Related XML Documents _____________________________________________ Features of proposed access control mechanism • It is developed for XML documents- semantically related • Access control conditions can be specified based on contents of the document • Access control is role based

  6. XML Access Control for Semantically Related XML Documents _____________________________________________ • Assume that each XML document resembles an entity playing a certain role • Each entity has certain relationships with other entities (XML document) • An access request may result in data coming from more than one document in the collection • Semantic relationships, so document playing a certain role can have access to other entities playing a different role

  7. XML Access Control for Semantically Related XML Documents _____________________________________________ • Sample relationships of entities playing particular role

  8. XML Access Control for Semantically Related XML Documents _____________________________________________ • Relationship between entities (XML documents)

  9. XML Access Control for Semantically Related XML Documents _____________________________________________ Observations for Access Control Policy • XML documents are not accessed by the document names.. • Entity playing a role may requests data from collection of XML documents by giving a general request over the whole collection • Now, requesting entities identification & role would cause access control mechanism to restrict its access according to access control policy • All documents in collection must comply with same DTD, so all entities playing a similar role have same structure but different content

  10. XML Access Control for Semantically Related XML Documents _____________________________________________ Overview of Access Control Policy Specification The Access Control Policy DTD

  11. XML Access Control for Semantically Related XML Documents _____________________________________________ Operation types and execution • Read • Write • Create • Delete Operations are performed by first querying the XML document collection with the XPATH query expression provided in the access request

  12. XML Access Control for Semantically Related XML Documents _____________________________________________ Steps involved in Read Operation • XPath query is processed on collection of XML documents • Results checked for list of allowed elements for read operation under the appropriate role • Result of above step leaves a set of document fragment that is further checked for access control condition • Condition for each allowed element and sub element is checked • If conditions are satisfied, the content of allowed element are not deleted

  13. XML Access Control for Semantically Related XML Documents _____________________________________________ • A sample Read operation

  14. XML Access Control for Semantically Related XML Documents _____________________________________________

  15. XML Access Control for Semantically Related XML Documents _____________________________________________ Condition Specification • Conditions indicate constraint for the access to the particular allowed element for a specific operation • Presence of name of an element in the allowed element list indicates that it is allowed for access for a particular role only if the conditions are satisfied • Conditions can be specified in the access control policy document with the ‘condition’ element • AND & OR conditions ..

  16. XML Access Control for Semantically Related XML Documents _____________________________________________

  17. XML Access Control for Semantically Related XML Documents _____________________________________________ Condition types • Prohibit • Equals • Exists • NotExists

  18. XML Access Control for Semantically Related XML Documents _____________________________________________ A sample Condition Specification

  19. XML Access Control for Semantically Related XML Documents _____________________________________________ A student is not allowed to update his grades but allowed to view them

  20. XML Access Control for Semantically Related XML Documents _____________________________________________ Overall Access control model

  21. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Propose to combine Role Graph Model, Authorization Type Graph and Authorization Object Schema, Authorization Object Graph • Group of permission -> Role -> assigned to users • Permissions are privileges • Privileges are made up of object and access mode ( read/ write etc) • Object part of an XML database is any part of XML

  22. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Example Role Graph

  23. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Authorization Object Schema for example

  24. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Authorization Object Graph for example

  25. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Authorization Type Graph

  26. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Authorization Association Matrix

  27. Thank You Asheesh Kumar AXK0656

More Related