Defining and Enforcing XACML Role-based Security Policies within an XML Security Framework

Alberto De la Rosa Algarín, Timoteus B. Ziminski, Steven A. Demurjian, Robert Kuykendall, Yaira K. Rivera Sánchez

2013

Abstract

Securing electronic data has evolved into an important requirement in domains such as health care informatics. There, the eXtensible Markup Language (XML) is used to create standards such as the Clinical Document Architecture and the Continuity of Care Record, which has led to a need for approaches to secure XML schemas and documents. In this paper, we present a method for generating eXtensible Access Control Markup Language (XACML) policies that target XML schemas and their instances, allowing instances to be customized for users depending on their roles. To do so, we extend the Unified Modeling Language (UML) with two new diagrams to model XML: the XML Schema Class Diagram (XSCD), which defines the structure of an XML document in UML style, and the XML Role-Slice Diagram (XRSD), which defines roles and associated privileges at a granular access control level. In the process, we separate the XML schemas of an application from its security definition in XRSD. To demonstrate the enforcement of our approach, we utilize a personal health assistant mobile application for health information management, which allows patients to share personal health data with providers, utilizing XACML for security definition.


Paper Citation


in Harvard Style

De la Rosa Algarín A., B. Ziminski T., A. Demurjian S., Kuykendall R. and K. Rivera Sánchez Y. (2013). Defining and Enforcing XACML Role-based Security Policies within an XML Security Framework. In Proceedings of the 9th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-8565-54-9, pages 16-25. DOI: 10.5220/0004366200160025

in Bibtex Style

@conference{webist13,
author={Alberto De la Rosa Algarín and Timoteus B. Ziminski and Steven A. Demurjian and Robert Kuykendall and Yaira K. Rivera Sánchez},
title={Defining and Enforcing XACML Role-based Security Policies within an XML Security Framework},
booktitle={Proceedings of the 9th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST},
year={2013},
pages={16-25},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0004366200160025},
isbn={978-989-8565-54-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 9th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST
TI - Defining and Enforcing XACML Role-based Security Policies within an XML Security Framework
SN - 978-989-8565-54-9
AU - De la Rosa Algarín A.
AU - B. Ziminski T.
AU - A. Demurjian S.
AU - Kuykendall R.
AU - K. Rivera Sánchez Y.
PY - 2013
SP - 16
EP - 25
DO - 10.5220/0004366200160025