____________________________ - PowerPoint PPT Presentation

slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
____________________________ PowerPoint Presentation
Download Presentation
____________________________

play fullscreen
1 / 28
____________________________
71 Views
Download Presentation
Download Presentation

____________________________

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. ____________________________ XML Access Control for Semantically Related XML Documents & A Role-Based Approach to Access Control For XML Databases BY Asheesh Kumar AXK0656 April 27, 2006

  2. XML Access Control for Semantically Related XML Documents_____________________________________________ • Vijay Parmar and Hongchi Shi Department of Computer Science & Computer Engineering University of Missouri- Columbia, USA • Su-Shing Chen Dept of computer & Information Science & Engineering University of Florida, USA

  3. A Role-Based Approach to Access Control for XML Databases_____________________________________________ • Zingzhu Wang Department of Computer Science University of Western Ontario, Canada • Su-Shing Chen Department of Computer Science University of Western Ontario, Canada

  4. XML Access Control for Semantically Related XML Documents _____________________________________________ • XML most preferred way to store & exchange information • Need to provide controlled access to such information is imminent • Authors propose an access control policy & mechanism for a collection of semantically related XML documents

  5. XML Access Control for Semantically Related XML Documents _____________________________________________ Features of proposed access control mechanism • It is developed for XML documents- semantically related • Access control conditions can be specified based on contents of the document • Access control is role based

  6. XML Access Control for Semantically Related XML Documents _____________________________________________ • Assume that each XML document resembles an entity playing a certain role • Each entity has certain relationships with other entities (XML document) • An access request may result in data coming from more than one document in the collection • Semantic relationships, so document playing a certain role can have access to other entities playing a different role

  7. XML Access Control for Semantically Related XML Documents _____________________________________________ • Sample relationships of entities playing particular role

  8. XML Access Control for Semantically Related XML Documents _____________________________________________ • Relationship between entities (XML documents)

  9. XML Access Control for Semantically Related XML Documents _____________________________________________ Observations for Access Control Policy • XML documents are not accessed by the document names.. • Entity playing a role may requests data from collection of XML documents by giving a general request over the whole collection • Now, requesting entities identification & role would cause access control mechanism to restrict its access according to access control policy • All documents in collection must comply with same DTD, so all entities playing a similar role have same structure but different content

  10. XML Access Control for Semantically Related XML Documents _____________________________________________ Overview of Access Control Policy Specification The Access Control Policy DTD

  11. XML Access Control for Semantically Related XML Documents _____________________________________________ Operation types and execution • Read • Write • Create • Delete Operations are performed by first querying the XML document collection with the XPATH query expression provided in the access request

  12. XML Access Control for Semantically Related XML Documents _____________________________________________ Steps involved in Read Operation • XPath query is processed on collection of XML documents • Results checked for list of allowed elements for read operation under the appropriate role • Result of above step leaves a set of document fragment that is further checked for access control condition • Condition for each allowed element and sub element is checked • If conditions are satisfied, the content of allowed element are not deleted

  13. XML Access Control for Semantically Related XML Documents _____________________________________________ • A sample Read operation

  14. XML Access Control for Semantically Related XML Documents _____________________________________________

  15. XML Access Control for Semantically Related XML Documents _____________________________________________ Condition Specification • Conditions indicate constraint for the access to the particular allowed element for a specific operation • Presence of name of an element in the allowed element list indicates that it is allowed for access for a particular role only if the conditions are satisfied • Conditions can be specified in the access control policy document with the ‘condition’ element • AND & OR conditions ..

  16. XML Access Control for Semantically Related XML Documents _____________________________________________

  17. XML Access Control for Semantically Related XML Documents _____________________________________________ Condition types • Prohibit • Equals • Exists • NotExists

  18. XML Access Control for Semantically Related XML Documents _____________________________________________ A sample Condition Specification

  19. XML Access Control for Semantically Related XML Documents _____________________________________________ A student is not allowed to update his grades but allowed to view them

  20. XML Access Control for Semantically Related XML Documents _____________________________________________ Overall Access control model

  21. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Propose to combine Role Graph Model, Authorization Type Graph and Authorization Object Schema, Authorization Object Graph • Group of permission -> Role -> assigned to users • Permissions are privileges • Privileges are made up of object and access mode ( read/ write etc) • Object part of an XML database is any part of XML

  22. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Example Role Graph

  23. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Authorization Object Schema for example

  24. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Authorization Object Graph for example

  25. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Authorization Type Graph

  26. A Role-Based Approach to Access Control for XML Databases _____________________________________________ • Authorization Association Matrix

  27. Thank You Asheesh Kumar AXK0656