计算机工程与应用 ›› 2007, Vol. 43 ›› Issue (17): 157-159.

• 数据库与信息处理 • 上一篇    下一篇

一种基于XML Schema的安全访问控制策略

王战敏,崔杜武   

  1. 西安理工大学 计算机科学与工程学院,西安 710048
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2007-06-11 发布日期:2007-06-11
  • 通讯作者: 王战敏

Access control strategy based on RBAC for XML security

WANG Zhan-min,CUI Du-wu   

  1. School of Computer Science and Engineering,Xi’an University of Technology,Xi’an 710048,China
  • Received:1900-01-01 Revised:1900-01-01 Online:2007-06-11 Published:2007-06-11
  • Contact: WANG Zhan-min

摘要: 为提高XML文档资源访问控制的安全性,依据RBAC对XML组件具有复杂约束以及模式与元素之间关系的良好重用机制的特性,构建了一种新的访问控制模型—SRBAC。在此基础上,提出了相应目标访问控制算法TDACA,创建了相应策略,验证了SRBAC的有效性,从而实现了有效的访问控制和实例级的认证,保证了XML文件的安全使用。

关键词: XML Schema, SRBAC, 安全, 访问控制策略

Abstract: In this paper,a Role-Based Access Control(RBAC) model based on XML schema is proposed for solving security problems of accessing XML documents.XML schema supports complex constraints for XML components and provides a mechanism to build rich reuse relationships between schemas and elements.Based on these features our model extends the RBAC96,corresponding algorithm-TDACA(Target Document Access Control Algorithm) is also presented,which provides a fine-grained access control and also supports instances-level authorization methods.

Key words: XML Schema, SRBAC, security, access control strategy