Content-Based, Context-Aware Role Based Access Control for Secure Distributed XML

Research Areas

• End System Security
• Network Security
• Assured Identity and Privacy
• Prevention, Detection and Response
• Policy, Law and Management
• Human Centric Security

This project will develop a comprehensive security framework using content-based and context-aware access control models for XML-based applications in distributed heterogeneous multi-enterprise environments. Such applications include electronic commerce, finance and banking, manufacturing, corporate databases, health-care and other on-line services and businesses. For these applications, information access may need to be restricted due to the sensitivity, importance or the relevance of the content of the information, time, location and other contextual information obtained at the time the access requests are made. The proposed framework will be built upon role-based access control (RBAC) models. In this project the following tasks will be pursued: development of a content and context-based generalized temporal RBAC model (CC-GTRBAC) for XML documents and extension of XML language for the proposed model. The extended language will be used to develop a security model that will allow protection of XML document sources at various levels including conceptual, XML schema and XML instance levels; extending CC-GTRBAC to develop a secure multi-enterprise environment for distributed XML documents; development of an experimental prototype of a distributed XML environment to check the efficacy and viability of this research.

Keywords: RBAC, XML Applications, context

Footer

Intranet Site