{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2023,9,13]],"date-time":"2023-09-13T20:43:06Z","timestamp":1694637786693},"reference-count":38,"publisher":"Emerald","issue":"4","license":[{"start":{"date-parts":[[2009,11,20]],"date-time":"2009-11-20T00:00:00Z","timestamp":1258675200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2009,11,20]]},"abstract":"Purpose: The purpose of this paper is to consider the secure publishing of XML documents, where a single copy of an XML document is disseminated and a stated role\u2010based access control policy (RBACP) is enforced via selective encryption. It describes a more efficient solution over previously proposed approaches, in which both policy specification and key generation are performed once, at the schema\u2010level. In lieu of the commonly used super\u2010encryption technique, in which nodes residing in the intersection of multiple roles are encrypted with multiple keys, it describes a new approach called multi\u2010encryption that guarantees each node is encrypted at most once. Design\/methodology\/approach: This paper describes two alternative algorithms for key generation and single\u2010pass algorithms for multi\u2010encrypting and decrypting a document. The solution typically results in a smaller number of keys being distributed to each user. Findings: The paper proves the correctness of the presented algorithms, and provides experimental results indicating the superiority of multi\u2010encryption over super\u2010encryption, in terms of encryption and decryption time requirements. 
It also demonstrates the scalability of the approach as the size of the input document and complexity of the schema\u2010level RBACP are increased. Research limitations\/implications: An extension of this work involves designing and implementing re\u2010usability of keyrings when a schema or ACP is modified. In addition, more flexible solutions for handling cycles in schema graphs are possible. The current solution encounters difficulty when schema graphs are particularly deep and broad. Practical implications: The experimental results indicate that the proposed approach is scalable, and is applicable to scenarios in which XML documents conforming to a common schema are to be securely published. Originality\/value: This paper contributes to the efficient implementation of secure XML publication systems.","DOI":"10.1108\/17440080911006216","type":"journal-article","created":{"date-parts":[[2009,12,5]],"date-time":"2009-12-05T12:16:34Z","timestamp":1260015394000},"page":"465-494","source":"Crossref","is-referenced-by-count":0,"title":["Schema\u2010level access control policies for XML documents"],"prefix":"10.1108","volume":"5","author":[{"given":"Tomasz","family":"M\u00fcldner","sequence":"first","affiliation":[]},{"given":"Gregory","family":"Leighton","sequence":"additional","affiliation":[]},{"given":"Jan","family":"Krzysztof Mizio\u0142ek","sequence":"additional","affiliation":[]}],"member":"140","reference":[{"key":"key2022031120075149300_b1","doi-asserted-by":"crossref","unstructured":"Baldonado, M., Bertino, E. and Ferrari, E. (2002), \u201cSecure and selective dissemination of XML documents\u201d, ACM Transactions on Information and System Security (TISSEC), Vol. 5 No. 3, pp. 290\u2010331.","DOI":"10.1145\/545186.545190"},{"key":"key2022031120075149300_b5","doi-asserted-by":"crossref","unstructured":"Bertino, E. and Ferrari, E. 
(2002), \u201cSecure and selective dissemination of XML documents\u201d, ACM Transactions on Information and System Security (TISSEC), Vol. 5 No. 3, pp. 290\u2010331.","DOI":"10.1145\/545186.545190"},{"key":"key2022031120075149300_b4","doi-asserted-by":"crossref","unstructured":"Bertino, E., Carminati, B. and Ferrari, E. (2001), \u201cSecuring XML documents with author\u2010X\u201d, IEEE Internet Computing, Vol. 5 No. 3, pp. 21\u201031.","DOI":"10.1109\/4236.935172"},{"key":"key2022031120075149300_b3","doi-asserted-by":"crossref","unstructured":"Bertino, E., Carminati, B. and Ferrari, E. (2002), \u201cA temporal key management scheme for secure broadcasting of XML documents\u201d, Conference on Computer and Comm. Security, Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 31\u201040.","DOI":"10.1145\/586110.586116"},{"key":"key2022031120075149300_b2","doi-asserted-by":"crossref","unstructured":"Bertino, E., Carminati, B., Ferrari, E., Thuraisingham, B. and Gupta, A. (2004), \u201cSelective and authentic third\u2010party distribution of XML documents\u201d, IEEE Transactions on Knowledge and Data Engineering (TKDE), Vol. 16 No. 10, pp. 1263\u201078.","DOI":"10.1109\/TKDE.2004.63"},{"key":"key2022031120075149300_b7","doi-asserted-by":"crossref","unstructured":"Carminati, B., Ferrari, E. and Bertino, E. (2005), \u201cSecuring XML data in third\u2010party distribution systems\u201d, CIKM'05, Bremen, October 31\u2010November 5.","DOI":"10.1145\/1099554.1099575"},{"key":"key2022031120075149300_b8","doi-asserted-by":"crossref","unstructured":"Crampton, J. (2004), \u201cApplying hierarchical and role\u2010based access control to XML documents\u201d, Proceedings of the 2004 Workshop on Secure Web Service, pp. 
37\u201046.","DOI":"10.1145\/1111348.1111353"},{"key":"key2022031120075149300_b9","unstructured":"Crypto++ (2009), Crypto++, available from http:\/\/sourceforge.net\/projects\/cryptopp\/ (accessed March 2009)."},{"key":"key2022031120075149300_b11","unstructured":"Damiani, E., De Capitani di Vimercati, S.D.C. and Samarati, P. (2005), \u201cNew paradigms for access control in open environments\u201d, Signal Processing and Information Technology, Proceedings of the 5th IEEE International Symposium, pp. 540\u20105."},{"key":"key2022031120075149300_b12","doi-asserted-by":"crossref","unstructured":"Damiani, E., De Capitani di Vimercati, S., Paraboschi, S. and Samarati, P. (2002), \u201cA fine\u2010grained access control system for XML documents\u201d, ACM Transactions on Information and System Security, Vol. 5 No. 2, pp. 169\u2010202.","DOI":"10.1145\/505586.505590"},{"key":"key2022031120075149300_b10","doi-asserted-by":"crossref","unstructured":"Damiani, M.L., Bertino, E. and Silvestri, C. (2008), \u201cSpatial domains for the administration of location\u2010based access control policies\u201d, Journal of Network Systems Management, Vol. 16 No. 3, pp. 277\u2010302.","DOI":"10.1007\/s10922-008-9106-0"},{"key":"key2022031120075149300_b14","doi-asserted-by":"crossref","unstructured":"Devanbu, P., Gertz, M., Kwong, A., Martel, C., Nuckolls, G. and Stubblebine, S.G. (2001), \u201cFlexible authentication of XML documents\u201d, Proceedings of the 8th ACM Conference on Computer and Communications Security, ACM Press, New York, NY.","DOI":"10.1145\/501983.502003"},{"key":"key2022031120075149300_b34","unstructured":"Extensible Markup Language (XML) (2009), Extensible Markup Language (XML), available at: www.w3.org\/TR\/xml (accessed March 2009)."},{"key":"key2022031120075149300_b15","doi-asserted-by":"crossref","unstructured":"Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.S. and Chandramouli, R. 
(2001), \u201cProposed NIST standard for role\u2010based access control\u201d, ACM Transactions on Information and System Security, Vol. 4 No. 3, pp. 224\u201074.","DOI":"10.1145\/501978.501980"},{"key":"key2022031120075149300_b16","doi-asserted-by":"crossref","unstructured":"Fundulaki, I. and Marx, M. (2004), \u201cSpecifying access control policies for XML documents\u201d, Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, pp. 61\u20109.","DOI":"10.1145\/990036.990046"},{"key":"key2022031120075149300_b17","doi-asserted-by":"crossref","unstructured":"Goel, S.K., Clinton, C. and Rosenthal, A. (2003), \u201cDerived access control specification for XML\u201d, Proceedings of the 2003 ACM Workshop on XML Security, pp. 1\u201014.","DOI":"10.1145\/968559.968561"},{"key":"key2022031120075149300_b18","doi-asserted-by":"crossref","unstructured":"Kanza, Y., Mendelzon, A.O., Miller, R.J. and Zhang, Z. (2006), \u201cAuthorization\u2010transparent access control for XML under the non\u2010Truman model\u201d, EDBT 2006, pp. 222\u201039.","DOI":"10.1007\/11687238_16"},{"key":"key2022031120075149300_b19","doi-asserted-by":"crossref","unstructured":"Kudo, M. and Hada, S. (2000), \u201cXML document security based on provisional authorization\u201d, Proceedings of the 7th ACM Conference on Computer and Communications Security, pp. 87\u201096.","DOI":"10.1145\/352600.352613"},{"key":"key2022031120075149300_b20","doi-asserted-by":"crossref","unstructured":"Kundu, A. and Bertino, E. (2008), \u201cA new model for secure dissemination of XML content\u201d, IEEE Transactions on Systems, Man, and Cybernetics \u2013 Part C: Applications and Reviews, Vol. 38 No. 3.","DOI":"10.1109\/TSMCC.2008.919213"},{"key":"key2022031120075149300_b21","doi-asserted-by":"crossref","unstructured":"Kuper, G., Massaci, F. and Rassadko, N. (2005), \u201cGeneralized XML security views\u201d, Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, pp. 
77\u201084.","DOI":"10.1145\/1063979.1063994"},{"key":"key2022031120075149300_b22","doi-asserted-by":"crossref","unstructured":"Miklau, G. and Suciu, D. (2003), \u201cControlling access to published data using cryptography\u201d, Proceedings of the 29th VLDB Conference, Berlin.","DOI":"10.1016\/B978-012722442-8\/50084-7"},{"key":"key2022031120075149300_b23","unstructured":"M\u00fcldner, T., Leighton, G. and Mizio\u0142ek, J.K. (2006), \u201cUsing multi\u2010encryption to provide secure and controlled access to XML documents\u201d, Extreme Markup Languages, Montreal."},{"key":"key2022031120075149300_b24","unstructured":"M\u00fcldner, T., McNeill, R. and Mizio\u0142ek, J.K. (2008), \u201cSecure publishing using schema\u2010level role\u2010based access control policies for fragments of XML documents\u201d, paper presented at The Markup Conference, Balisage."},{"key":"key2022031120075149300_b25","doi-asserted-by":"crossref","unstructured":"Murata, M., Lee, D., Mani, M. and Kawaguchi, K. (2005), \u201cTaxonomy of XML schema languages using formal language theory\u201d, ACM Trans. Internet Techn., Vol. 5 No. 4, pp. 660\u2010704.","DOI":"10.1145\/1111627.1111631"},{"key":"key2022031120075149300_b26","unstructured":"Ramaswamy, C. (2003), \u201cA policy validation framework for enterprise authorization specification\u201d, 19th Annual Computer Security Applications Conference ACSAC, pp. 319\u201029."},{"key":"key2022031120075149300_b27","doi-asserted-by":"crossref","unstructured":"Rassadko, N. (2007), Query Rewriting Algorithm Evaluation for XML Security Views, Vol. 4721, Springer, Berlin\/Heidelberg.","DOI":"10.1007\/11805588_8"},{"key":"key2022031120075149300_b28","unstructured":"Schematron (2009), Schematron, available at: www.schematron.com\/ (accessed in March)."},{"key":"key2022031120075149300_b29","unstructured":"Schneier, B. 
(1996), Applied Cryptography, 2nd ed., John Wiley & Sons, New York, NY."},{"key":"key2022031120075149300_b30","doi-asserted-by":"crossref","unstructured":"Terstegge, J. (2007), \u201cPrivacy in the law\u201d, chapter 2, in Petkovic, M. and Jonker, W. (Eds), Security, Privacy, and Trust in Modern Data Management, Springer, Berlin, pp. 11\u201020.","DOI":"10.1007\/978-3-540-69861-6_2"},{"key":"key2022031120075149300_b33","unstructured":"Xerces (2009), Xerces, available at: http:\/\/xerces.apache.org\/xerces\u2010c\/ (accessed March 2009)."},{"key":"key2022031120075149300_b35","unstructured":"Xmark (2009), Xmark, available at: http:\/\/monetdb.cwi.nl\/xml\/ (accessed March 2009)."},{"key":"key2022031120075149300_b36","unstructured":"XML 1.0. (2008), XML 1.0., available at: www.w3.org\/TR\/REC\u2010xml\/ (accessed 2008)."},{"key":"key2022031120075149300_b37","unstructured":"XML Path Language (2009), XML Path Language, available at: www.w3.org\/TR\/xpath (accessed March 2009)."},{"key":"key2022031120075149300_b38","unstructured":"XML Schema (2009), XML Schema, available at: www.w3.org\/TR\/xmlschema\u20100\/ (accessed March 2009)."},{"key":"key2022031120075149300_b39","unstructured":"Zhang, X., Park, J. and Sandhu, R. (2003), \u201cSchema based XML security: RBAC approach\u201d, paper presented at 17th IFIP 11.3. Working Conference on Data and Application Security."},{"key":"key2022031120075149300_frg1","doi-asserted-by":"crossref","unstructured":"Bertino, E. and Thuraisingham, B. (2004), \u201cSelective and authentic third\u2010party distribution of XML documents\u201d, IEEE Transactions on Knowledge and Data Engineering, Vol. 16 No. 10.","DOI":"10.1109\/TKDE.2004.63"},{"key":"key2022031120075149300_frg2","doi-asserted-by":"crossref","unstructured":"De Capitani di Vimercati, S., Paraboschi, S. and Samarati, P. (2003), \u201cAccess control: principles and solutions\u201d, Software Practice & Experience, Vol. 33 No. 5, April, pp. 
397\u2010421.","DOI":"10.1002\/spe.513"},{"key":"key2022031120075149300_frg3","unstructured":"W3C Document Object Model Core (2004), W3C Document Object Model Core, available at: www.w3.org\/TR\/2004\/REC\u2010DOM\u2010Level\u20103\u2010Core\u201020040407\/core.html#ID\u20101590626202 (accessed March 2009)."}],"container-title":["International Journal of Web Information Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/17440080911006216","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/17440080911006216\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/17440080911006216\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,3,11]],"date-time":"2022-03-11T20:32:00Z","timestamp":1647030720000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/17440080911006216\/full\/html"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2009,11,20]]},"references-count":38,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2009,11,20]]}},"alternative-id":["10.1108\/17440080911006216"],"URL":"https:\/\/doi.org\/10.1108\/17440080911006216","relation":{},"ISSN":["1744-0084"],"issn-type":[{"value":"1744-0084","type":"print"}],"subject":[],"published":{"date-parts":[[2009,11,20]]}}}