Access control for web data: Models and policy languages

被引:0
作者
Universita dell'Insubria, Dipartimento di Scienze della Cultura, Politiche e Informazione, Via Carloni, 78, 22100 Como, Italy [1 ]
不详 [2 ]
机构
[1] Universita dell'Insubria, Dipartimento di Scienze della Cultura, Politiche e Informazione, 22100 Como, Via Carloni
[2] University of Texas at Dallas, Department of Computer Science EC 31, Richardson, TX 75083-0688
来源
Ann Telecommun | 2006年 / 3-4卷 / 245-266期
关键词
Access control; Information access; Internet; Semantic Web; World Wide Web; XML;
D O I
10.1007/bf03219908
中图分类号
学科分类号
摘要
The web has made easily available an enormous amount of information in digital form and has facilitated the exchange of such information. In this environment, access control is a primary concern. The key issue is how to trade-off between maximizing the sharing of information and enforcing a controlled access to web data. In this paper we start by outlining which are the main access control requirements of web data. Then, we review researches carried on in the field, by mainly focusing on XML. Finally, we discuss policy languages for the semantic web, and outline which are the main research directions in this field.
引用
收藏
页码:245 / 266
页数:21
相关论文
共 45 条
[11]  
Boley H., The rule markup language: RDF-XML data model, XML Schema Hierarchy, and XSL Transformations
[12]  
Carminati B., Ferrari E., Thuraisingham B., Using RDF for policy specification and enforcement, Proc. of the DEXA International Workshop on Web Semantics -WebS 2004, (2004)
[13]  
Damiani E., De Capitani Di Vimercati S., Paraboschi S., Samarati P., Securing XML documents, Proc. of the International Conference on Extending Database Technology (EDBT2000), (2000)
[14]  
Damiani E., De Capitani Di Vimercati S., Paraboschi S., Samarati P., A finegrained access control system for XML documents, ACM Transactions on Information and System Security, (TISSEC), 5, 2, pp. 169-202, (2002)
[15]  
De Capitani Di Vimercati S., Paraboschi S., Samarati P., Access control: Principles and solutions, Software - Practice and Experience, 33, 5, pp. 397-421, (2003)
[16]  
De Capitani Di Vimercati S., Samarati P., Jajodia S., Policies, models, and languages for access control, Proc. of the 4th Databases in Networked Information Systems (DNIS'05), pp. 225-237, (2005)
[17]  
Ferraiolo D., Sandhu R., Gavrila S., Kuhn D., Chandramouli R., Proposed NIST standard for role-based access control, ACM Transactions on Information and System Security (TISSEC), 4, 3, pp. 224-274, (2001)
[18]  
Ferrari E., Thuraisingham B., Secure database systems, Advanced Databases: Technology and Design, (2000)
[19]  
Gabillon A., Bruno E., Regulating access to XML documents, Proc. of the Fifteenth Annual IFIP WG 11.3 Working Conference on Database Security, (2001)
[20]  
Gabillon A., An authorization model for XML DataBases, Proc. of the Workshop on Secure Web Services, (2004)
12345