| XML has emerged as a prevalent standard for data exchange and storage. Mechanisms are needed to protect sensitive information stored in XML documents, and access control is one of them. Given the features of XML, access control can be studied at both fine and coarse granularity. Building on XML and related XML technologies, this work introduces the role-based access control model and presents a new multi-grained access control model together with its implementation. First, after the background of the field is presented, a brief introduction is given to XML security mechanisms, including XML Encryption, XML Signature, the XML Key Management Specification and so on. The current state of research and future directions are analyzed, and the main points of this paper are highlighted. Second, DTD and XML Schema are introduced and compared; XML Schema has many merits. XPath is introduced to locate XML resources. Next, three types of access control model are compared: the Discretionary Access Control model, the Mandatory Access Control model and the Role Based Access Control model. The advantages of the last over the other two are shown. Third, an extended role-based model suited to XML sources is proposed, and the common definition of an access control rule is extended. A concept called 'Permission Hierarchy' is given to support the multi-grained access control model. It lets the granularity of control reach either the element or the document level. The rule has two additional fields: date and priority. The date field records the date on which the rule was created. The priority field specifies the rule's priority. This makes it convenient to grant and revoke permissions. Together, the two fields solve the permission conflict problem of traditional RBAC. The constraints in the model are also extended: time constraints and space constraints are introduced. Fourth, the design of a PH-RBAC system for equipment information in a military network is given. 
The division into modules and the implementation scheme of each module are also given. The algorithm of the key module is described in pseudocode. User-role, role-hierarchy and permission information is described in XML. Finally, the problems requiring further study are discussed. |
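The following added example (not code from the thesis) sketches how rules carrying priority and date fields can settle conflicting grants at document and element level over XPath-selected nodes. The rule layout, the sample document, the tie-break order (higher priority first, then newer date), downward propagation of a rule to descendants, and default deny are all assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from datetime import date

# Constructed sample document (not from the thesis).
DOC = ET.fromstring(
    "<equipment>"
    "<item id='1'><name>radio</name><location>depot-a</location></item>"
    "<item id='2'><name>radar</name><location>depot-b</location></item>"
    "</equipment>"
)

@dataclass(frozen=True)
class Rule:                  # hypothetical rule layout
    role: str
    path: str                # ElementTree XPath subset; "." means the whole document
    action: str
    allow: bool
    priority: int            # assumption: larger number wins
    issued: date             # assumption: newer rule wins when priorities tie

RULES = [
    # Coarse grain: clerk may read the whole document.
    Rule("clerk", ".", "read", True, 1, date(2020, 1, 1)),
    # Fine grain: every <location> element is withheld.
    Rule("clerk", ".//location", "read", False, 5, date(2020, 1, 1)),
    # Newer rule of equal priority re-grants one element.
    Rule("clerk", ".//item[@id='1']/location", "read", True, 5, date(2021, 6, 1)),
]

def covers(rule, target, root):
    """True if the rule selects the target node or one of its ancestors."""
    selected = [root] if rule.path == "." else root.findall(rule.path)
    return any(node is target for sel in selected for node in sel.iter())

def decide(role, action, target, root, rules=RULES):
    """Return True (permit) or False (deny) for one node of the document."""
    hits = [r for r in rules
            if r.role == role and r.action == action and covers(r, target, root)]
    if not hits:
        return False         # assumption: no applicable rule means deny
    winner = max(hits, key=lambda r: (r.priority, r.issued))
    return winner.allow

if __name__ == "__main__":
    for node in DOC.iter():
        print(node.tag, node.attrib, decide("clerk", "read", node, DOC))
```
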