Extensible access control model for XML document collections

Abstract

This paper presents the XXACF (extensible Role-Based XML Access Control Framework) framework for controlling access to XML documents in different environments. The proposed access control definition language and the corresponding software architecture are described. The framework enables defining access control policies on different priority and granularity levels. The XXACF enables the enforcement of access control for different operations on XML documents, as well as different ways of access control enforcement for the same operation. This framework's configurability facilitates customization of particular implementations according to specific needs. Extensibility of XXACF framework is achieved by the possibility of extending the core functionality for specific requirements and also the addition of the new modules for context-sensitive access control.