ACCESS CONTROL TO XML DOCUMENT INCLUDING ADMINISTRATIVE AUTHORIZATION

摘要

As the uses of XML document are increases as a data representation of data storage, the necessity of access control to the XML documents are also increasing. Several access control model are proposed. Most of them considered only read operation. Although some access control models consider update actions on XML data, this is still a research issue. In a real database oriented management system, a large number of users could be involved. In the current proposed access control model, the administration of user permission not mentioned or the security officer grants user access to XML documents. So, in a big data storage system involving many users, it will be a big task for the security officer to maintain the user permissions. In the real life scenario, the administrative work (giving/removing user permission) can be decentralized by giving some users administrative power on some user groups. In this paper we propose an access control model that can allow a user to give permission to other users on specific nodes. The proposed additional access right information can be considered as an extension of existing access control model