Design of access control system for telemedicine secure XML documents
详细信息    查看全文
  • 作者:Sun-Moon Jo ; Kyung-Yong Chung
  • 关键词:XML ; Authorization ; Policy ; Access Control ; Security ; Telemedicine
  • 刊名:Multimedia Tools and Applications
  • 出版年:2015
  • 出版时间:April 2015
  • 年:2015
  • 卷:74
  • 期:7
  • 页码:2257-2271
  • 全文大小:1,262 KB
  • 参考文献:1. Adler S, Berglund A, Caruso J, Deach S, Graham T, Grosso P, Gutentag E, Milowski A, Parnell S, Richman J, Zilles S (2001) “Extensible stylesheet language (XSL) version 1.0,-World Wide Web Consortium (W3C), Available at http://www.w3.org/TR/xsl
    2. Agostino Ardagna C, Damiani E, De Capitani di Vimercati S, Samarati P (2005) “A Web Service Architecture for Enforcing Access Control Policies,-Elsevier B.V,
    3. Apache Software Foundation (2001) “Xalan-J version,-2.2.d14. Available at http://xml.apache.org/xalan-j/
    4. Baek SJ, Han JS, Chung KY (2013) Dynamic reconfiguration based on goal-scenario by adaptation strategy. Wirel Pers Commun 73(2):309-18
    5. Bartel M, Boyer J, Fox B, LaMacchia B, Simon E (2002) “XML Signature Syntax and Processing,-http://www.w3.org/TR/xmldsig-core/
    6. Berners-Lee T, Fielding R, Irvine UC, Masinter L (1998) “Uniform resource identifiers (URI): Generic syntax- Available at http://www.isi.edu/in-notes/rfc2396.txt
    7. Bertino E, Braun M, Castano S, Ferrari E, Mesiti M (2000) “Author-X: a java-based system for XML data protection,-Technical report, Dipartimento di Scienze dell-Informazione, University of Milano, submitted for publication
    8. Bertino E, Castano S, Ferrari E (2001) Securing XML documents with author-x. IEEE Internet Comput 5(3):21-1
    9. Bertino, E, Ferrari, E (2002) Secure and selective dissemination of XML documents. J ACM Trans Inf Syst Secur 5: pp. 290-331 CrossRef
    10. Biron P, Malhotra A (2001) “XML schema part 2: Datatypes- World Wide Web Consortium (W3C), Available at http://www.w3.org/TR/xmlschema-2
    11. Bray T, Paoli J, Sperbera-Gcqueen C, Maler E (2000) “Extensible markup language (XML) 1.0 (second edition),-World Wide Web Consortium (W3C), Available at http://www.w3.org/TR/REC-xml
    12. Bray T et al (2000) “Extensible Markup Language (XML) 1.0,-World Wide Web Consortium (W3C), http://www.w3c.org/TR/REC-xml, October 2000
    13. Chung, KY (2013) Recent trends on convergence and ubiquitous computing. Pers Ubiquit Comput.
    14. Chung KY, Na YJ, Lee JH (2013) Interactive design recommendation using sensor based smart wear and weather WebBot. Wirel Pers Commun 73(2):243-56
    15. Content Guard (2001) “eXtensible Rights Markup Language (XrML) 2.0,-Available at http://www.xrml.org
    16. Damiani E, Vimercati S, Paraboschi S, Samarati P (2000) “Design and implementation of an access control processor for xml documents,-in proceedings of the 9th International WWW conference, Amsterdam, pp 55-5
    17. Derose S, Maler E, Orchard D (2001) “XML linking language (XLink) version 1.0.,-World Wide Web Consortium (W3C), Available at http://www.w3.org/TR/xlink
    18. Deutsch A, Fernandez M, Florescu D, Levy A, Suciu D (1999) “A Query Language for XML,-In International Conference on World Wide Web, http://www8.org/
    19. Deutsch A, Tannen V (2001) “Containment and integrity constraints for xpath,-In Proceedings of the Eighth InternationalWorkshop on Knowledge Representation Meets Databases (Rome), September 2001
    20. Devanbu P, Gertz M, Kwong A, Martel C, Nuckolls G, Tubblebine S (2001) “Flexible authentication of XML documents,-In Proceedings of the Eighth ACM Conference on Computer and Communications Security (Philadelphia), November 2001
    21. Sabrina De Capitani di Vimercati (2002) “An authorization model for temporal XML documents,-Proceedings of the 2002 ACM Symposium on Applied computing (SAC-2), pp 1088-093, March 2002
    22. Document Object Model (DOM) (2002) Avaiable at http://www.w3.org/DOM/
    23. Gabillon A, Bruno E (2001) “Regulating access to XML documents,-In Proc. of the Fifteenth Annual IFIP WG 11.3 Working Conference on Database Security
    24. Hada S, Kudo M (2002) “XML access control language: provisional authorization for XML documents,-www.trl.ibm.com/projects/, pp 1-8
    25. Han, JS, Chung, KY, Kim, GJ (2013) Policy on literature content based on software as service. Multimedia Tools Appl.
    26. Jo, SM, Chung, KY (2008) Policy system of data access control for web servi
  • 刊物类别:Computer Science
  • 刊物主题:Multimedia Information Systems
    Computer Communication Networks
    Data Structures, Cryptology and Information Theory
    Special Purpose and Application-Based Systems
  • 出版者:Springer Netherlands
  • ISSN:1573-7721
文摘
XML can supply the standard data type in information exchange format on a lot of data generated in running database or applied programs for a company by using the advantage that it can describe meaningful information directly. Accordingly since there are increasing needs for the efficient management and telemedicine security of the massive volume of XML data, it is necessary to develop a secure access control mechanism for XML. The existing access control has not taken information structures and semantics into full consideration due to the fundamental limitations of HTML. In addition, access control for XML documents allows read operations only, and there are problems of slowing down the system performance due to the complex authorization evaluation process. To resolve this problem, this paper designs and builds a XACS (XML Access Control System), which is capable of making fined-grained access control. This only provides data corresponding to its users-authority levels by authorizing them to access only the specific items of XML documents when they are searching XML documents in telemedicine. To accomplish this, XACS eliminates certain parts of the documents that are inaccessible and transmits the parts accessible depending on the users-authority levels. In addition, it can be expanded to existing web servers because XML documents are used based on the normal web sites. The telemedicine secure and the guidelines are provided to enable quick and precise understanding of the information, and thus the safety enhancement gets improved. Ultimately, this paper suggests an empirical telemedicine application to confirm the adequacy and validity using the proposed method.
NGLC 2004-2010.National Geological Library of China All Rights Reserved.
Add:29 Xueyuan Rd,Haidian District,Beijing,PRC. Mail Add: 8324 mailbox 100083
For exchange or info please contact us via email.