A Formal Language for Specifying Complex XML Authorisations with Temporal Constraints

  • Sean Policarpio
  • Yan Zhang
Conference paper

DOI: 10.1007/978-3-642-16342-5_32

Volume 6151 of the book series Lecture Notes in Computer Science (LNCS)
Cite this paper as:
Policarpio S., Zhang Y. (2010) A Formal Language for Specifying Complex XML Authorisations with Temporal Constraints. In: Bao F., Yung M., Lin D., Jing J. (eds) Information Security and Cryptology. Inscrypt 2009. Lecture Notes in Computer Science, vol 6151. Springer, Berlin, Heidelberg

Abstract

The Extensible Markup Language (XML) is utilised in many Internet applications we are using today. However, as with many computing technologies, vulnerabilities exist in XML that can allow for malicious and unauthorised use. Applications that utilise XML are therefore susceptible to security faults if they do not provide their own methods. Our research focuses on developing a formal language which can provide access control to information stored in XML formatted documents. This formal language will have the capacity to reason if access to an XML document should be allowed. Our language, \(\mathcal{A}^{xml(T)}\), allows for the specification of authorisations on XML documents based on the popular Role-based Access Control model. Temporal interval reasoning is the study of logically representing time intervals and relationships between them. As part of our research, we have also included this aspect in our language \(\mathcal{A}^{xml(T)}\) because we believe it will allow us to specify even more powerful access control authorisations.

Keywords

AI in computer security AI in database logic programming knowledge representation and reasoning access control authorisations XML databases and security 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Sean Policarpio
    • 1
  • Yan Zhang
    • 1
  1. 1.Intelligent Systems Laboratory School of Computing and MathematicsUniversity of Western SydneyPenrith South DCAustralia