Abstract
The integration of isolated XML repositories has drawn increasing interest recently. In this paper, we propose XML federations to provide global e-services while preserving the necessary autonomy and security of each individual repository. First, we show a logical architecture of XML federations, adapted from the common architecture of traditional federated databases to meet the unique requirements of XML federations. Based on this architecture, we address security issues of XML federations, especially the authentication and authorization of federation users. We point out several problems in applying existing access control schemes and give our solutions.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35697-6_26
Copyright information
© 2003 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Wang, L., Wijesekera, D., Jajodia, S. (2003). Towards Secure XML Federations. In: Gudes, E., Shenoi, S. (eds) Research Directions in Data and Applications Security. IFIP — The International Federation for Information Processing, vol 128. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35697-6_10
DOI: https://doi.org/10.1007/978-0-387-35697-6_10
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-6413-0
Online ISBN: 978-0-387-35697-6
eBook Packages: Springer Book Archive