{"title":"应用XML工具完成企业范围的RBAC实现任务","authors":"R. Chandramouli","doi":"10.1145/344287.344297","DOIUrl":null,"url":null,"abstract":"The use of Extensible Markup Language (XML) and its associated APIs, for information modeling and information interchange applications is being actively explored by the reseach community. In this paper we develop an XML Document Type Definition (DTD) for representing the schema of a Role-based Access Control (RBAC) Model and a conforming XML document containing the actual RBAC-based access control data for a commercial banking application. Based on this DTD, the XML document and the methods in the Document Object Model (DOM) API Level 1.0 standards, we describe three application tasks related to enterprise-wide implementation of RBAC. They are: (a)implementing an RBAC model for a database application (b)implementing RBAC models with identical data on two different database servers and (c)transforming data under an RBAC model to a different, but structurally similar model like Group-based Access Control model. Other potential Access Control Service applications exploiting the capabilities of some commercial XML processors are also outlined.","PeriodicalId":355233,"journal":{"name":"ACM Workshop on Role-Based Access Control","volume":"76 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2000-07-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"49","resultStr":"{\"title\":\"Application of XML tools for enterprise-wide RBAC implementation tasks\",\"authors\":\"R. Chandramouli\",\"doi\":\"10.1145/344287.344297\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The use of Extensible Markup Language (XML) and its associated APIs, for information modeling and information interchange applications is being actively explored by the reseach community. In this paper we develop an XML Document Type Definition (DTD) for representing the schema of a Role-based Access Control (RBAC) Model and a conforming XML document containing the actual RBAC-based access control data for a commercial banking application. Based on this DTD, the XML document and the methods in the Document Object Model (DOM) API Level 1.0 standards, we describe three application tasks related to enterprise-wide implementation of RBAC. They are: (a)implementing an RBAC model for a database application (b)implementing RBAC models with identical data on two different database servers and (c)transforming data under an RBAC model to a different, but structurally similar model like Group-based Access Control model. Other potential Access Control Service applications exploiting the capabilities of some commercial XML processors are also outlined.\",\"PeriodicalId\":355233,\"journal\":{\"name\":\"ACM Workshop on Role-Based Access Control\",\"volume\":\"76 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2000-07-26\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"49\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"ACM Workshop on Role-Based Access Control\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/344287.344297\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Workshop on Role-Based Access Control","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/344287.344297","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 49
摘要
在信息建模和信息交换应用程序中使用可扩展标记语言(XML)及其相关的api正在被研究社区积极探索。在本文中,我们开发了一个XML文档类型定义(DTD)来表示基于角色的访问控制(RBAC)模型的模式,并为商业银行应用程序开发了一个包含实际基于角色的访问控制数据的XML文档。基于此DTD、XML文档和文档对象模型(DOM) API Level 1.0标准中的方法,我们描述了与企业范围内实现RBAC相关的三个应用程序任务。它们是:(a)为数据库应用程序实现RBAC模型;(b)在两个不同的数据库服务器上实现具有相同数据的RBAC模型;(c)将RBAC模型下的数据转换为不同但结构相似的模型,如基于组的访问控制模型。还概述了利用某些商业XML处理器功能的其他潜在访问控制服务应用程序。
Application of XML tools for enterprise-wide RBAC implementation tasks
The use of Extensible Markup Language (XML) and its associated APIs, for information modeling and information interchange applications is being actively explored by the reseach community. In this paper we develop an XML Document Type Definition (DTD) for representing the schema of a Role-based Access Control (RBAC) Model and a conforming XML document containing the actual RBAC-based access control data for a commercial banking application. Based on this DTD, the XML document and the methods in the Document Object Model (DOM) API Level 1.0 standards, we describe three application tasks related to enterprise-wide implementation of RBAC. They are: (a)implementing an RBAC model for a database application (b)implementing RBAC models with identical data on two different database servers and (c)transforming data under an RBAC model to a different, but structurally similar model like Group-based Access Control model. Other potential Access Control Service applications exploiting the capabilities of some commercial XML processors are also outlined.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
