| XML is widely used as a prevalent standard of data exchange and storage over Internet. Some mechanisms are needed to protect the confidentiality of privacy data stored in XML database, and access control is one of the mechanisms. The desire of data provider's protecting privacy data is often changed over time, we call it temporal privacy data. Temporality is important for privacy data and the key factor in some access control policies. Based on XML technology, the problem about access control for the temporal privacy data is researched.Based on the analysis of XML technology and Role based access control (RBAC), a temporal privacy data role-based control access model (called TPD-RBAC model for short) is presented in the paper, combining with the features of the temporal privacy data. TPD-RBAC model extends RBAC model with access purpose, privacy time and so on to enforce a fine-grained access control for XML database. Based on the TPD-RBAC model, a kind of access control schemes is purposed. The corresponding privacy policy is designed in terms of TPD-RBAC model, then applied it into temporal database based on XML, and the privacy data is progressive controlled between file-level and element-level to further satisfy the needs of the privacy objects'protection. In the finality, a case of electronic medical records system is presented to discuss the feasibility of the scheme. |
PDF Full Text Request