7

Access control models are typically very coarse-grained, allowing one access to a resource (possibly with some combination of read/write/execute permission) or excluding such access. Some models of database security allow access to be granted on a per-row basis (though I don't have a reference handy).

Have fine-grained access control models been designed to limit access to parts of an XML document? What could/should a model look like? Has any work been done in this area? Are other security models applicable in this context?

For example, one could imagine that the model prevents access to a particular subtree. The subtree could either be removed or encrypted.

Note that this need not explicitly apply to XML. Any models devised for semi-structured data are also interesting.

Kaveh
Dave Clarke

2 Answers

5

The conversion between SQL access control policies and XML-specific access control models has been studied in:

"Preserving SQL Access Control Policies Over Published XML Data" by G. Leighton (2009)

According to the author:

... To the best of our knowledge, our work represents the first attempt to formulate an SQL-to-XML access control policy translation framework, capable of expressing the entirety of the SQL access control model, and carrying the semantics of the original ACP over to the chosen XML ACP formulation language. ...

Vor
4

I'm no expert on access control for structured data. This is a 10000-foot view. Don't assume a correlation between what my answer covers, what is scientifically interesting and what is significant in terms of deployment.

Take any access control or permission mechanism and slap some angle braces around it, and you have an XML access control mechanism. It's been done a lot, but it looks like each effort has had little visibility outside the community it originated in.

XACML is a standard (that some people actually use) for specifying access control policies. Some of these policies control data access. I believe the model it uses for actors (PAP, PDP, PEP, PIP) is common in distributed access control systems (for managing data access and otherwise).

XACL (not to be confused with XACL or XACML) is a rich model for access control over elements or subtrees, allowing redaction, encryption and other transformations of content as well as logging.

There's a 2006 survey by Mark J. Estlund. It covers both XML for access control and access control of XML. It's nowhere near complete.

Access Control in Data Management Systems by Elena Ferrari (2010) has a section on XML.

Gilles 'SO- stop being evil'
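As an added illustration (not code from the thread, and not an implementation of XACL or XACML), here is a toy version of the subtree model the question sketches: a role-based policy evaluated over the document tree that either removes a subtree or masks it in place. The sample document, the policy tuple format, the role names and the `enforce`/`view` helpers are all constructed for this example; "mask" stands in for the encrypted-subtree variant, which would put ciphertext where the placeholder goes.

```python
import xml.etree.ElementTree as ET

# Constructed sample record: a patient document with subtrees that only
# some roles should be able to see.
DOC = """<patient id="p1">
  <name>Alice</name>
  <contact><phone>555-0100</phone></contact>
  <diagnosis><code>F41.1</code><notes>follow-up in 3 weeks</notes></diagnosis>
  <billing><card>4111-0000-0000-0002</card><plan>basic</plan></billing>
</patient>"""

# Hypothetical policy format: (role, path, effect).  Paths use the XPath
# subset that ElementTree.findall understands.  "deny" drops the subtree
# from the view; "mask" keeps the element as a placeholder but strips its
# children, text and attributes.  Rules for a role are applied in order,
# so a later rule never sees a subtree an earlier one already removed.
# Note the model is default-allow: anything no rule names stays visible,
# so a new element added to the schema is exposed until a rule covers it.
POLICY = [
    ("receptionist", ".//diagnosis", "deny"),
    ("receptionist", ".//billing", "deny"),
    ("clinician", ".//card", "deny"),
    ("clinician", ".//billing", "mask"),
]

def enforce(xml_text, role, policy=POLICY):
    """Return a new element tree holding only what `role` may see."""
    root = ET.fromstring(xml_text)
    # ElementTree keeps no parent pointers, so build the map once up front.
    parent = {child: p for p in root.iter() for child in p}
    for rule_role, path, effect in policy:
        if rule_role != role:
            continue
        for elem in root.findall(path):
            if elem is root:
                raise ValueError("rules may not target the document root")
            if effect == "deny":
                parent[elem].remove(elem)
            elif effect == "mask":
                for child in list(elem):
                    elem.remove(child)
                elem.text = "[redacted]"
                elem.attrib.clear()
            else:
                raise ValueError("unknown effect: %r" % effect)
    return root

def view(xml_text, role, policy=POLICY):
    """Serialised view of the document for `role`."""
    return ET.tostring(enforce(xml_text, role, policy), encoding="unicode")

if __name__ == "__main__":
    for r in ("receptionist", "clinician"):
        print(r, "sees:", view(DOC, r))
```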