Lecture SQL XML Security presentation of content: Web Data - protection requirements, dissemination policies, why XML, graph representation, the author-X Project, enforcing access control, protection object specification, propagation option.

Pag. 1
XML Security

Pag. 2
Outline
- Security requirements for web data
- Basic concepts of XML
- Security policies for XML data protection and release
- Access control mechanisms for XML data
- XML-based specification of security information
- XML security: future trends

Pag. 3
Web Data: Protection Requirements
- The web is becoming the main information dissemination means for many organizations
- Strong need for models and mechanisms enabling the specification and enforcement of security policies for web data protection and release

Pag. 4
Web Data
- In the web environment, information distribution often takes the form of documents that are made available at Web servers, or that are actively broadcast by Web servers to interested clients
- Documents may also be exchanged among the various servers

Pag. 5
Web Docs: Protection Requirements
- Web documents may have a nested or hierarchical, inter-linked structure
- Different portions of the same document may have different protection requirements
- We need a wide spectrum of protection granularity levels

Pag. 6
Web Docs: Protection Requirements
- Web documents may have an associated description of their structure:
  - DTDs and XML Schemas for XML documents
  - Data models for describing the logical organization of data into web pages
- Policies specified both at the schema and at the instance level

Pag. 7
Web Docs: Protection Requirements
- Documents with the same type and structure may have contents of different sensitivity degree:
  - Policies that take the document content into account (content-based policies)

Pag. 8
Web Docs: Protection Requirements
- Supporting fine-grained policies could lead to the specification of a, possibly high, number of access control policies:
  - Need for mechanisms for exception management and authorization propagation

Pag. 9
Web Docs: Protection Requirements
- Heterogeneity of subjects:
  - Subjects accessing a web source may be characterized by different skills and needs and may dynamically change
  - Conventional identity-based .
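
The requirements on Pag. 5 and Pag. 8 (different protection for different portions of one document, authorization propagation, exceptions) can be seen in a small view-computation sketch. This is an added example, not code from the lecture or from the Author-X project; the rule format, the `decide`/`view`/`user_view` names and the sample document are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample document (not from the lecture).
DOC = """<record>
  <patient id="p1">
    <name>Ann</name>
    <billing><card>4111</card><total>120</total></billing>
    <diagnosis severity="high">flu</diagnosis>
  </patient>
</record>"""

# Hypothetical rules: (element path, sign, propagate to descendants?)
RULES = [
    ("record/patient", "+", True),                # grant that cascades down
    ("record/patient/billing/card", "-", False),  # exception on one element
]

def decide(path, rules):
    """Most specific applicable rule wins; with no applicable rule, deny."""
    best = None
    for rule_path, sign, propagate in rules:
        exact = path == rule_path
        inherited = propagate and path.startswith(rule_path + "/")
        # Every applicable rule_path is a prefix of path, so longer = deeper.
        if (exact or inherited) and (best is None or len(rule_path) > len(best[0])):
            best = (rule_path, sign)
    return best is not None and best[1] == "+"

def view(elem, rules, prefix=""):
    """Return a pruned copy of elem, or None if nothing under it is visible."""
    path = prefix + elem.tag
    allowed = decide(path, rules)
    kids = [v for c in elem if (v := view(c, rules, path + "/")) is not None]
    if not allowed and not kids:
        return None
    # A denied ancestor of visible nodes is kept as an empty structural shell.
    out = ET.Element(elem.tag, dict(elem.attrib) if allowed else {})
    out.text = elem.text if allowed else None
    out.extend(kids)
    return out

def user_view(xml_text, rules):
    """Serialize the portion of the document the rules authorize."""
    root = view(ET.fromstring(xml_text), rules)
    return "" if root is None else ET.tostring(root, encoding="unicode")
```

Two rules cover the whole subtree here: the propagated grant reaches every descendant of `patient`, and the single exception removes `card` without denying its sibling `total`.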