on specifying security policies for web documents with an xml-based language.pdf

On Specifying Security Policies for Web Documents with an XML-based Language Elisa Bertino Silvana Castano Elena Ferrari Dipartimento di Scienze Dipartimento di Scienze Dipartimento di Scienze dell’Informazione dell’Informazione dell’Informazione Universit`a degli Studi di Milano Universit`a degli Studi di Milano Universit`a degli Studi di Milano Via Comelico, 39/41 Via Comelico, 39/41 Via Comelico, 39/41 20135 Milano Italy 20135 Milano Italy 20135 Milano Italy bertino@dsi.unimi.it castano@dsi.unimi.it ferrarie@dsi.unimi.it ABSTRACT protection requirements for Web do cuments that in uence The rapid growth of the Web and the ease with which data the denition of the p olicies for their access and exchange can b e accessed facilitate the distribution and sharing of in- are related to the following characteristics. formation. Information dissemination often takes the form of do cuments that are made available at Web servers, or Protecting do cument contents in a selective and dif- that are actively broadcasted by Web servers to interested ferentiated way. Web do cuments may have a nested or clients. In this pap er, we present an XML-compliant for- hierarchical structure, b eing dened in terms of comp onents malism for sp ecifying security-related information for Web that can b e themselves organized into sub comp onents. M