Research And Implementation Of XML Documents Oriented Access Control Model

XML technology has been broadly applied into all kinds of fields. This make the information stored in XML has increased greatly. In such backgrounds, the security of XML documents become more and more important, and access control technology is one of key technologies to provide security service. For a XML document, just providing access control at file level is not enough and access to the elements and attributes must be controlled to an inch. The target of this research is to propose and implement a fine-grained access control model for XML documents.The first part initially introduces researching meanings and backgrounds. Then it analyzes the research progress from domestic and international work as well as the main problems that still existing. Finally, focusing on the special security demand of XML and current research defects, we propose the research direction of this thesis.The second part firstly introduces the most typical three access control models and analyzes merits and shortfalls of each model. It illustrates the reason for choosing RBAC model as the base of our research and it puts forward XML documents Oriented RBAC model. This model focuses on the specification of XML documents and makes the effective modification and exploration for RBAC96 model, thus, it could meet the demand of a fine-grained access control for XML documents.The third part mainly studies the constraints specification of XORBAC model. It starts in terms of both general constraints and XML document-specific constraints and finally a set of reasonable, full-around and effective constraints specifications for XORBAC model is given. Besides better avoiding the risk arising from human factors, this constraints specification also reduces the workload of permission management greatly. These help to gain better practicability.The fourth part describes the implementation of XORBAC system. In this part, not only given architecture, mechanism and UML design, it also illustrates the key technologies used within a XML-base framework: modeling components with XML Schema, encoding access control data in XML, specifying constraints with Schematron.The conclusion and the research directions in future are discussed in the last part.