Existing access control models for XML have focused primarily on providing read access to the users. In this project we have studied the existing access control models for XML data, identified their shortcomings, and developed technical solutions to improve upon previous work. The focus of access control models developed so far has been on providing read access to the users. The aim of our work is to evaluate the feasibility of existing XML access control models to handle update operations. Our hypothesis is that the existing, syntax-based access control models do not provide sufficient support for XML databases. In particular, they do not provide policy validation capabilities and are vulnerable in the presence of updates. In this work we have addressed the limitations regarding the update vulnerabilities and develop technical solution a to improve upon the existing access control models. There are various update operations and our area of focus has been on delete operations from the perspective of illegal inferences and data integrity. We have also applied the Multilevel Secure (MLS) Access Control Model to XML databases.
In this implementation we have incorporated Mandatory Access Control Model in eXist, an existing XML database. eXist was downloaded from http://www.sourceforge.net. Source code of our implementation is available on request.
Masters Thesis: Deepanwita Roy, Multilevel XML Data Model, August 2005
- Secure XML Updates