XML fine-grained access control: a manifesto

Below is our argument for why there needs to be both research and standardization of XML/RDF security technologies. If you are interested, please contact us and join us in proposing an IETF BoF and/or a W3C Workshop.
 
1. Introduction
Born as an SGML-like standard for defining the structure and semantics of Web documents, XML is now being used as a general-purpose information interchange format in practically every application field of information technology. To name but a few, XML schemata and documents are being used by the database industry as a semi-structured format for datasource integration, by software engineers as a system description language (XMI/UXF), by architects of distributed systems as a lightweight technique for the invocation of remote services (e.g., SOAP) or as an agent communication language, and by multimedia experts to specify both temporal and spatial synchronization of multimedia content (SMIL).
Though different from one another, all these application fields share the need to define access and usage policies at the granularity of XML subtrees, from whole documents to single elements and attributes.
 
2. Expressing Access Control Policies in XML
Our recent research work (some references are given below) has been led by the idea of using XML's own capabilities to specify such policies and to define their enforcement in terms of XML-based computations, taking advantage whenever possible of XML companion technologies such as DOM, SAX and XSL.
Using XML to express access and usage policies makes it natural to state such policies corporation-wide (associating a policy with an XML schema) and site-wide (associating a policy with a single XML document). In both cases, policies define access and usage permissions at the granularity of XML elements and attributes.
Physically, access control policies are XML documents linked to the data they refer to via external XML links. Like usual metadata, access and usage policies expressed this way are both machine- and human-readable; moreover, they can be transferred together with data, and processed via standard enforcement engines. Our prototype enforcement engine, XACP (XML Access Control Processor), was designed with this perspective in mind.
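
A DOM-style enforcement pass of the kind described above, as an added example that is not XACP code or syntax: the <rule> vocabulary, the subject names and the sample document are constructed for illustration. It assumes a closed policy (default deny), labels that propagate down the subtree unless a node is explicitly labelled, and deny taking precedence on the same node.

```python
import xml.etree.ElementTree as ET

# Constructed sample data; the <rule> vocabulary is hypothetical, not XACP syntax.
DOC = """<staff>
  <employee id="7" ssn="000-00-0000">
    <name>A. Rossi</name>
    <salary currency="EUR">52000</salary>
    <project code="P1"><name>Portal</name><budget>9000</budget></project>
  </employee>
</staff>"""

POLICY = """<policy>
  <rule subject="broker" sign="+" path="."/>
  <rule subject="broker" sign="-" path=".//salary"/>
  <rule subject="broker" sign="-" path=".//project"/>
  <rule subject="broker" sign="+" path=".//project/name"/>
  <rule subject="broker" sign="-" path=".//employee" attribute="ssn"/>
</policy>"""

def compute_view(doc_xml, policy_xml, subject):
    root = ET.fromstring(doc_xml)
    elem_sign, attr_deny = {}, set()
    for rule in ET.fromstring(policy_xml).iter("rule"):
        if rule.get("subject") != subject:
            continue
        for node in root.findall(rule.get("path")):
            if rule.get("attribute"):
                if rule.get("sign") == "-":
                    attr_deny.add((node, rule.get("attribute")))
            elif elem_sign.get(node) != "-":   # deny wins on the same node
                elem_sign[node] = rule.get("sign")

    def prune(node, inherited):
        sign = elem_sign.get(node, inherited)  # explicit label overrides inherited
        for child in list(node):
            if not prune(child, sign):
                node.remove(child)
        if sign == "+":
            for name in [a for a in node.attrib if (node, a) in attr_deny]:
                del node.attrib[name]
            return True
        # Denied node: keep only as an empty shell around permitted descendants.
        node.attrib.clear()
        node.text = None
        for child in node:
            child.tail = None                  # tail text belongs to this denied node
        return len(node) > 0

    return root if prune(root, "-") else None  # closed policy: default is deny
```

For the subject "broker" the resulting view keeps the employee's id and name, drops ssn, salary and budget, and retains project only as an empty wrapper around its permitted name; a subject with no rules gets no view at all.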
 
3. The Brokerage Problem
Controlled dissemination of information is at the basis of many current Web applications, where content providers supply information to be redistributed by value-added brokers or resellers. Often, this scenario requires the content provider to make sure that specific access control policies are enforced by the reseller/broker. By allowing for a standard way of distributing such policies together with data, XML may pave the way to an interoperable, efficient solution to this problem.
 
4. Request for Comments
We are well aware that several other research groups from both academia and industry are now investigating problems related to XML and access control (notably, IBM Japan Research labs and Microsoft Research). In our opinion, early standardization will be critical for the practical impact of this work. We believe that discussion and exchange of ideas via the W3C list and, possibly, holding a W3C workshop on this subject could make future standardization easier. Some of the possible discussion topics are listed below:

  1. Characteristics and expressive power of an XML-based language for access control
  2. Genericity of the language w.r.t. security models
  3. Are access control policies metadata? The role of RDF
  4. SAX-, DOM- or XSL-based enforcement engines
  5. Performance and scalability of XML-based access control
 
  We hope this message will stimulate discussion among researchers on these and related topics.
 
Ernesto Damiani and Pierangela Samarati
 ----------------------------------------------------------------
  Contact person:   
  Ernesto Damiani
  Università di Milano, Polo di Crema
  Via Bramante 65
  26013 Crema, Italy
  edamiani@crema.unimi.it
  
 References:
 
E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati
"Securing XML Documents"
Proc. of EDBT 2000, Konstanz, Germany, March 2000. Lecture Notes in Computer Science 1777

E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati
"Design and Implementation of an Access Control Processor for XML Documents"
Computer Networks 2307/Proc. of WWW 9, Amsterdam, The Netherlands, May 2000

E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati
"XML Access Control Systems: A Component-Based Approach"
Proc. of the 14th IFIP 11.3 Working Conference in Database Security, Amsterdam, The Netherlands, August 2000


 

Received on Monday, 31 July 2000 08:33:52 UTC