Research And Implementation Of XML Access Control Based On X-RBAC Model And Extended XQuery

With the rapid development of Internet, more and more applications are developed taking network into consideration. As the proposed standard for web information, XML is widely used by these applications. The wide use of XML in network brings about the safety issues, which restricts the further use of XML. People begin to concern the XML safety issues now.The main fields of current research on XML safety issues are XML Encryption, XML Digital Signature and XML Access Control. Technologies of XML Encryption and XML Digital Signature have been well studied and have been a standard recommended by W3C. Compared to them, technology of XML Access Control is still in the primary phase of researching. Many institutions and experts are working on XML Access Control in order to draw a uniform standard.This paper discussed XML access control in details, mainly focused on how to let multiple legal people share XML document. Based on this, this paper designed and implemented an XML access control system named XACS. XACS is based on X-RBAC model and extended XQuery.X-RBAC, which implements RBAC by XML, is used to build up access control model. RBAC model is the most popular access control strategy because of its flexibleness, convenience and security. However, RBAC models are generally based on database system, which greatly depends on database system and lacks common use. The X-RBAC designed in this paper, which is based on series of XML documents, is platform-independent by using the technology of XML.XQuery, which is XML query language recommended by W3C, is used as access language in this system. However, the current XQuery only supports query operation. This paper appended the syntax for update operation based on the existing syntax of XQuery.Path expression, which is used in XQuery language to access XML document in the way of navigation, is used in XACS system to define privileges. Parameter function is involved in path expression for convenient maintenance of X-RBAC model.This paper gave designment of syntax of extended XQuery, designment of X-RBAC model, designment and implementation of XACS, and also example of XACS.Proposal of X-RBAC model, extension of XQuery language and involvement of parameter function in path expression are three features of this paper.In XACS system, authorized users can access XML document through extended XQuery language. The validation of the access operation should be judged by X-RBAC model. XACS solves the problem of information leak when multiple users share the same XML document, and promote the wide use of XML.