The use of Extensible Markup Language (XML) and its associated APIs, for information modeling and information interchange applications is being actively explored by the research community. In this paper we develop an XML Document Type Definition (DTD) for representing the schema of a Role-based Access Control (RBAC) Model and a conforming XML document containing the actual RBAC-based access control data for a commercial banking application. Based on this DTD, the XML document and the methods in the Document Object Model (DOM) API Level 1.0 standards, we describe three application tasks related to enterprise-wide implementation of RBAC. They are: (a) Implementing a RBAC model for a database application (b) Implementing RBAC models with identical data on two different database servers and (c) Transforming data under a RBAC model to a different, but structurally similar model like Group-based Access Control model. Other potential Access Control Service applications exploiting the capabilities of some commercial XML processors are also outlined.
Proceedings Title: Fifth ACM Workshop on Role-Based Access Control (RBAC '00)
Conference Dates: July 26-27, 2000
Conference Location: Berlin, -1
Conference Title: ACM Workshop on Role-Based Access Control (RBAC '00)
Pub Type: Conferences
DOM API level 1.0, RBAC implementation tasks, RBAC model schema, Role-Based Access Control, XML DTD for RBAC Model