基于XML的访问控制研究-计算机软件与理论专业论文.docxVIP

山东大学硕士学位论文ABS 山东大学硕士学位论文 ABS TRACT XML has been increasingly important as the standard of information representation and exchange format of Internet and intranet， and the issue of security on XML properties correspondently gets more and more attention． Access contr01 for XML documents is a non—trivial topic， as can be witnessed from the number of approaches presented in the 1iterature． Access contr01 management is one of the foundation stone of database systems and is traditionallY performed by the servers，the Place where the trust is．This situation，however， is rapidly ev01ving due to very different factots：the suspieion about Database Service Providers(DSP) regarding data confidentiality preservation，the increasing vulnerability of database servers facing external and internal attacks．The common consequence of these orthogonal factors is to move access contr01 from servers to clients． Due to the intrinsic untrustworthiness of client devices。 a11 elient-based access contr01 solutions rely on data encryption．The data are kept encrypted at the server and a client is granted access to subparts of them according to the decryption key in its possession．These models have in common to rainimize the trust required on the client at the price of a static way of sharing data．Indeed， whatever the granularity of sharing， the dataset is split in subsets reflecting a current sharing situation， each encrypted with a different key， or composition of keys．Thus contr01 rules intersections are precompiled by the encryption．Once the dataset is encrypted， changes in the access contr01 rules definition may impact the subset boundaries，hence incurring a partial re—encryption of the dataset and potential redistribution of keys． Ill 山东大学硕士学位论文UnfortunatelY，there 山东大学硕士学位论文 UnfortunatelY，there are many situations where access centrel rules are user specific，dynamic and the difficuIt to predict．Models compiling access centrel p01icies in the data encryption cannot tackle this dynamicity．