1
A New Approach to XML Access Control | |
Author | Tanit Chaiyasit |
Call Number | AIT Thesis no.IM-06-17 |
Note | A thesis submitted in partial fulfillment of the requirements for the degree of Master of Engineering, School of Engineering and Technology |
Publisher | Asian Institute of Technology |
Series Statement | Thesis ; no. IM-06-17 |
Abstract | As XML becomes the standard format for presenting resources in the Web environment, the increasing demands for XML security technology alises too. Since XML is also being used for data representation of data storage, this also leads to XML data protection in which it will be guaranteed through access control. Therefore, access control for XML must be executed correctly and efficiently as well as its capabilities surpassing the standard access control service emphasizing on data prevention by using the three elements of Subject, Action and Resource. It is proven that the traditional access control system can prevent Joss of critical data, but cannot perform data correction for shareholders and fabricate fake data for rivals, as well as, forbid access to critical resources that will cause negative feeling toward the organization. In thi s study, access control and its approaches will be introduced, including the recent reviews in its models, languages and enforce mechanisms, last but not least, a prototype wi ll be initiated comprising its design and enforcement mechanism. The proposed access control system will be able to provide appropriate information to various groups of users in any situations. The system will benefit from some users by providing suitable information. The prototype system uses XACML model. Organizations and the like should take advantage of the unlimited resolutions available for integration. Strategy and planning are the key factors of effectiveness. |
Year | 2006 |
Corresponding Series Added Entry | Asian Institute of Technology. Thesis ; no. IM-06-17 |
Type | Thesis |
School | School of Engineering and Technology (SET) |
Department | Department of Information and Communications Technologies (DICT) |
Academic Program/FoS | Information Management (IM) |
Chairperson(s) | Vilas Wuwongse; |
Examination Committee(s) | Vatcharaporn Esichaikul;Janecek, Paul; |
Scholarship Donor(s) | Royal Thai Navy; |
Degree | Thesis (M. Eng.) - Asian Institute of Technology, 2006 |