Protecting Datasources Over the Web [chapter]

Silvana Castano, Eena Ferrari
Web-Powered Databases  
Since the Web is becoming the main means of disseminating information in private and public organizations, both at internal and external levels, several applications at Internet and intranet level need mechanisms supporting a selective access to data available over the Web. Through XML, the document exchange and acquisition processes, which can be very frequent in Web-based systems, are simplified and standardized. The development of suitable security policies for both access control and
more » ... tion release and distribution are relevant research topics in the security field, and XML compatibility is an important requirement for Web datasource protection. This chapter covers the issues related to the definition of security policies, models and mechanisms for access control and dissemination of Web data, and is organized in two parts. In the first part, we introduce the general issues and requirements related to the definition of different types of security policies for access control and for information release in Web datasources. Then, we present security policies and mechanisms specifically devoted to the protection of XML data. In the second part, we describe the use of XML for the specification of security relevant information, focusing on security policies, subject credentials, and content protection.
doi:10.4018/9781591400356.ch011 fatcat:kjx2urm23vbfze2ntpym2x3cri