Skip to main content
SpringerLink
Log in

Controlling Access to Documents: A Formal Access Control Model

  • Conference paper
Emerging Trends in Information and Communication Security (ETRICS 2006)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3995))

Abstract

Current access-control systems for documents suffer from one or more of the following limitations: they are coarse-grained, limited to XML documents, or unable to maintain control over copies of documents once they are released by the system. We present a formal model of a system that overcomes all of these restrictions. It is very fine-grained, supports a general class of documents, and provides a foundation for usage control.

This work was partially supported by the Zurich Information Security Center. It represents the views of the authors.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Bertino, E., Sandhu, R.: Database security—concepts, approaches, and challenges. IEEE Transactions on Dependable and Secure Computing 2, 2–19 (2005)

    Article  Google Scholar 

  2. Castano, S., Fugini, M., Martella, G., Samarati, P.: Database Security. ACM Press, New York (1995)

    MATH  Google Scholar 

  3. Smith, B., Komar, B.: Microsoft Windows Security Resource Kit, 2nd edn. Microsoft Press, Redmond (2005)

    Google Scholar 

  4. W3C (World Wide Web Consortium): Extensible Markup Language (XML) (W3C Recommendation)

    Google Scholar 

  5. International Organization for Standardization: Information technology – Z formal specification notation – Syntax, type system and semantics. 1st edn. (2002)

    Google Scholar 

  6. Hoare, C.: Communicating Sequential Processes. Prentice-Hall, Englewood Cliffs (1985)

    MATH  Google Scholar 

  7. Fischer, C.: CSP-OZ: a combination of Object-Z and CSP. In: Proc. 2nd IFIP Workshop on Formal Methods for Open Object-Based Distributed Systems (FMOODS), pp. 423–438 (1997)

    Google Scholar 

  8. Park, J., Sandhu, R.: The UCONABC usage control model. ACM Transactions on Information and System Security 7, 128–174 (2004)

    Article  Google Scholar 

  9. Karjoth, G., Schunter, M., Waidner, M.: Platform for Enterprise Privacy Practices: Privacy-Enabled Management of Customer Data. In: Dingledine, R., Syverson, P.F. (eds.) PET 2002. LNCS, vol. 2482, pp. 69–84. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  10. IBM Zurich Research Laboratory: Enterprise privacy technologies (WWW)

    Google Scholar 

  11. Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D.: Provisions and obligations in policy rule management. Journal of Network and Systems Management 11, 351–372 (2003)

    Article  Google Scholar 

  12. Bettini, C., Jajodia, S., Wang, X.S., Wijesekera, D.: Reasoning with advanced policy rules and its application to access control. International Journal on Digital Libraries 4, 156–170 (2004)

    Article  Google Scholar 

  13. Hilty, M., Basin, D., Pretschner, A.: On Obligations. In: de Capitani di Vimercati, S., Syverson, P., Gollmann, D. (eds.) ESORICS 2005. LNCS, vol. 3679, pp. 98–117. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  14. Sevinç, P.E., Basin, D.: Controlling access to documents: A formal access control model. Technical report, Swiss Federal Institute of Technology Zurich (2006)

    Google Scholar 

  15. OASIS: eXtensible Access Control Markup Language (XACML) (Specification)

    Google Scholar 

  16. W3C (World Wide Web Consortium): Document Object Model (DOM) Level 3 Core Specification (W3C Recommendation)

    Google Scholar 

  17. Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: A fine-grained access control system for XML documents. ACM Transactions on Information and System Security 5, 169–202 (2002)

    Article  MATH  Google Scholar 

  18. IBM Tokyo Research Laboratory: XML Access Control Language (XACL) (WWW)

    Google Scholar 

  19. Kudo, M., Hada, S.: XML document security based on provisional authorization. In: Proceedings of the 7th ACM conference on Computer and communications security, Athens, pp. 87–96 (2000)

    Google Scholar 

  20. Bertino, E., Castano, S., Ferrari, E.: Securing XML documents with Author-X. IEEE Internet Computing 5, 21–31 (2001)

    Article  Google Scholar 

  21. Bertino, E., Carminati, B., Ferrari, E.: Access control for XML documents and data. Information Security Technical Report 9, 19–34 (2004)

    Google Scholar 

  22. Gabillon, A., Munier, M., Bascou, J.-J., Gallon, L., Bruno, E.: An access control model for tree data structures. In: Chan, A.H., Gligor, V.D. (eds.) ISC 2002. LNCS, vol. 2433, pp. 117–135. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  23. Gabillon, A.: An authorization model for XML databases. In: Proceedings of the 11th ACM conference on Computer and communications security (2004)

    Google Scholar 

  24. Niézette, M., Stévenne, J.M.: An efficient symbolic representation of periodic time. In: Finin, T.W., Yesha, Y., Nicholas, C. (eds.) CIKM 1992. LNCS, vol. 752, pp. 161–168. Springer, Heidelberg (1993)

    Google Scholar 

  25. Trusted Computing Group: TCG TPM Specification Version 1.2 (TCG Specification)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, ETH Zurich, 8092, Zurich, Switzerland

    Paul E. Sevinç & David Basin

  2. Dept. of Computing Science, University of Oldenburg, 26111, Oldenburg, Germany

    Ernst-Rüdiger Olderog

Authors
  1. Paul E. Sevinç
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Basin
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ernst-Rüdiger Olderog
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institut für Informatik und Gesellschaft, Abt. Telematik, Albert-Ludwigs-Universität Freiburg, Friedrichstr. 50, 79098, Freiburg, Germany

    Günter Müller

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sevinç, P.E., Basin, D., Olderog, ER. (2006). Controlling Access to Documents: A Formal Access Control Model. In: Müller, G. (eds) Emerging Trends in Information and Communication Security. ETRICS 2006. Lecture Notes in Computer Science, vol 3995. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11766155_25

Download citation

  • DOI: https://doi.org/10.1007/11766155_25

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-34640-1

  • Online ISBN: 978-3-540-34642-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation