Take a sneak peek at the new NIST.gov and let us know what you think!
(Please note: some content may not be complete on the beta site.).

View the beta site
NIST logo

Publication Citation: Application of XML Tools for Enterprise-Wide RBAC Implementation Tasks

NIST Authors in Bold

Author(s): Ramaswamy Chandramouli;
Title: Application of XML Tools for Enterprise-Wide RBAC Implementation Tasks
Published: July 27, 2000
Abstract: The use of Extensible Markup Language (XML) and its associated APIs, for information modeling and information interchange applications is being actively explored by the research community. In this paper we develop an XML Document Type Definition (DTD) for representing the schema of a Role-based Access Control (RBAC) Model and a conforming XML document containing the actual RBAC-based access control data for a commercial banking application. Based on this DTD, the XML document and the methods in the Document Object Model (DOM) API Level 1.0 standards, we describe three application tasks related to enterprise-wide implementation of RBAC. They are: (a) Implementing a RBAC model for a database application (b) Implementing RBAC models with identical data on two different database servers and (c) Transforming data under a RBAC model to a different, but structurally similar model like Group-based Access Control model. Other potential Access Control Service applications exploiting the capabilities of some commercial XML processors are also outlined.
Conference: ACM Workshop on Role-Based Access Control (RBAC '00)
Proceedings: Fifth ACM Workshop on Role-Based Access Control (RBAC '00)
Pages: pp. 11 - 18
Location: Berlin, -1
Dates: July 26-27, 2000
Keywords: DOM API level 1.0, RBAC implementation tasks, RBAC model schema, Role-Based Access Control, XML DTD for RBAC Model
Research Areas: Computer Security
DOI: http://dx.doi.org/10.1145/344287.344297  (Note: May link to a non-U.S. Government webpage)
PDF version: PDF Document Click here to retrieve PDF version of paper (57KB)