History-Based Access Control for XML Documents.
Technische Universität, Darmstadt
[Ph.D. Thesis], (2008)
Available under Creative Commons Attribution Non-commercial No Derivatives, 2.5.
Download (1MB) | Preview
|Item Type:||Ph.D. Thesis|
|Title:||History-Based Access Control for XML Documents|
In the recent years, there was a development in which paper documents were more and more replaced by electronic documents. As electronic documents introduce several advantages, they also bring new risks. Electronic documents can be stolen more easily and its also happens easier that they are deleted accidently. Access control mechanisms were introduced, to reduce this risks, which is achieved by restricting all accesses to the required ones. Many different solutions were developed to provide access control for different types of storing data. Since XML is widely used and offers many technical advantages, we focus on access control for XML documents in this thesis. Previous methods for access control defined access for each object individually and manually, which is error-prone and time-consuming. Advanced approaches derive the access rights from the properties of an object. They use the content of an object to derive the required level of protection and finally its access rights. An essential property, which has not been regarded, is how objects have been created. We refer to this as the History and record it while a document is edited. This history allows us to derive the access rights more precisely, since it adds a further way of differentiating between objects. For example, it can be regarded from where an object was copied, when it was created or by whom it was created. Furthermore, is the previous content of a document can be regarded to define the access rights of a documents. In addition to our history-based access control model, we present a system architecture for it and describe the security mechanisms for the architecture.
|Place of Publication:||Darmstadt|
|Classification DDC:||000 Allgemeines, Informatik, Informationswissenschaft > 004 Informatik|
|Divisions:||20 Department of Computer Science|
|Date Deposited:||17 Oct 2008 09:22|
|Last Modified:||07 Dec 2012 11:53|
|Referees:||Eckert, Prof. Dr. Claudia and Grimm, Prof. Dr. Rüdiger|
|Refereed:||7 April 2008|