Skip to main content
SpringerLink
Log in

Design of access control system for telemedicine secure XML documents

  • Published:
Multimedia Tools and Applications Aims and scope Submit manuscript

Abstract

XML can supply the standard data type in information exchange format on a lot of data generated in running database or applied programs for a company by using the advantage that it can describe meaningful information directly. Accordingly since there are increasing needs for the efficient management and telemedicine security of the massive volume of XML data, it is necessary to develop a secure access control mechanism for XML. The existing access control has not taken information structures and semantics into full consideration due to the fundamental limitations of HTML. In addition, access control for XML documents allows read operations only, and there are problems of slowing down the system performance due to the complex authorization evaluation process. To resolve this problem, this paper designs and builds a XACS (XML Access Control System), which is capable of making fined-grained access control. This only provides data corresponding to its users’ authority levels by authorizing them to access only the specific items of XML documents when they are searching XML documents in telemedicine. To accomplish this, XACS eliminates certain parts of the documents that are inaccessible and transmits the parts accessible depending on the users’ authority levels. In addition, it can be expanded to existing web servers because XML documents are used based on the normal web sites. The telemedicine secure and the guidelines are provided to enable quick and precise understanding of the information, and thus the safety enhancement gets improved. Ultimately, this paper suggests an empirical telemedicine application to confirm the adequacy and validity using the proposed method.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

References

  1. Adler S, Berglund A, Caruso J, Deach S, Graham T, Grosso P, Gutentag E, Milowski A, Parnell S, Richman J, Zilles S (2001) “Extensible stylesheet language (XSL) version 1.0,” World Wide Web Consortium (W3C), Available at http://www.w3.org/TR/xsl

  2. Agostino Ardagna C, Damiani E, De Capitani di Vimercati S, Samarati P (2005) “A Web Service Architecture for Enforcing Access Control Policies,” Elsevier B.V,

  3. Apache Software Foundation (2001) “Xalan-J version,” 2.2.d14. Available at http://xml.apache.org/xalan-j/

  4. Baek SJ, Han JS, Chung KY (2013) Dynamic reconfiguration based on goal-scenario by adaptation strategy. Wirel Pers Commun 73(2):309–318

    Google Scholar 

  5. Bartel M, Boyer J, Fox B, LaMacchia B, Simon E (2002) “XML Signature Syntax and Processing,” http://www.w3.org/TR/xmldsig-core/

  6. Berners-Lee T, Fielding R, Irvine UC, Masinter L (1998) “Uniform resource identifiers (URI): Generic syntax”, Available at http://www.isi.edu/in-notes/rfc2396.txt

  7. Bertino E, Braun M, Castano S, Ferrari E, Mesiti M (2000) “Author-X: a java-based system for XML data protection,” Technical report, Dipartimento di Scienze dell’ Informazione, University of Milano, submitted for publication

  8. Bertino E, Castano S, Ferrari E (2001) Securing XML documents with author-x. IEEE Internet Comput 5(3):21–31

    Google Scholar 

  9. Bertino E, Ferrari E (2002) Secure and selective dissemination of XML documents. J ACM Trans Inf Syst Secur 5(3):290–331

    Article  Google Scholar 

  10. Biron P, Malhotra A (2001) “XML schema part 2: Datatypes”, World Wide Web Consortium (W3C), Available at http://www.w3.org/TR/xmlschema-2

  11. Bray T, Paoli J, Sperbera-Gcqueen C, Maler E (2000) “Extensible markup language (XML) 1.0 (second edition),” World Wide Web Consortium (W3C), Available at http://www.w3.org/TR/REC-xml

  12. Bray T et al (2000) “Extensible Markup Language (XML) 1.0,” World Wide Web Consortium (W3C), http://www.w3c.org/TR/REC-xml, October 2000

  13. Chung KY (2013) Recent trends on convergence and ubiquitous computing. Pers Ubiquit Comput. doi:10.1007/s00779-013-0743-2

    Google Scholar 

  14. Chung KY, Na YJ, Lee JH (2013) Interactive design recommendation using sensor based smart wear and weather WebBot. Wirel Pers Commun 73(2):243–256

    Google Scholar 

  15. Content Guard (2001) “eXtensible Rights Markup Language (XrML) 2.0,” Available at http://www.xrml.org

  16. Damiani E, Vimercati S, Paraboschi S, Samarati P (2000) “Design and implementation of an access control processor for xml documents,” in proceedings of the 9th International WWW conference, Amsterdam, pp 55–75

  17. Derose S, Maler E, Orchard D (2001) “XML linking language (XLink) version 1.0.,” World Wide Web Consortium (W3C), Available at http://www.w3.org/TR/xlink

  18. Deutsch A, Fernandez M, Florescu D, Levy A, Suciu D (1999) “A Query Language for XML,” In International Conference on World Wide Web, http://www8.org/

  19. Deutsch A, Tannen V (2001) “Containment and integrity constraints for xpath,” In Proceedings of the Eighth InternationalWorkshop on Knowledge Representation Meets Databases (Rome), September 2001

  20. Devanbu P, Gertz M, Kwong A, Martel C, Nuckolls G, Tubblebine S (2001) “Flexible authentication of XML documents,” In Proceedings of the Eighth ACM Conference on Computer and Communications Security (Philadelphia), November 2001

  21. Sabrina De Capitani di Vimercati (2002) “An authorization model for temporal XML documents,” Proceedings of the 2002 ACM Symposium on Applied computing (SAC’02), pp 1088–1093, March 2002

  22. Document Object Model (DOM) (2002) Avaiable at http://www.w3.org/DOM/

  23. Gabillon A, Bruno E (2001) “Regulating access to XML documents,” In Proc. of the Fifteenth Annual IFIP WG 11.3 Working Conference on Database Security

  24. Hada S, Kudo M (2002) “XML access control language: provisional authorization for XML documents,” www.trl.ibm.com/projects/, pp 1–28

  25. Han JS, Chung KY, Kim GJ (2013) Policy on literature content based on software as service. Multimedia Tools Appl. doi:10.1007/s11042-013-1664-9

    Google Scholar 

  26. Jo SM, Chung KY (2008) Policy system of data access control for web service. J Korea Contents Assoc 8(11):25–32

    Article  Google Scholar 

  27. Jo SM, Chung KY (2009) Efficient authorization method for XML document security. J Korea Contents Assoc 9(8):113–120

    Article  Google Scholar 

  28. Jo SM, Chung KY (2011) “Access Control Mechanism for XML Document”, In Proc. of the International Conference IT Convergence and Security, LNEE 120, pp 81–90, Springer

  29. Jung H, Chung KY (2013) Mining based associative image filtering using harmonic mean. Clust Comput. doi:10.1007/s10586-013-0318-z

    Google Scholar 

  30. Jung YG, Han MS, Chung KY, Lee SJ (2011) A study of a valid frequency range using correlation analysis of throat signal. Inf Int Interdiscip J 14(11):3791–3799

    Google Scholar 

  31. Jung EY, Kim JH, Chung KY, Park DK (2013) Home health gateway based healthcare services through U-health platform. Wirel Pers Commun 73(2):207–218

    Google Scholar 

  32. Kim JH, Chung KY (2013) Ontology-based healthcare context information model to implement ubiquitous environment. Multimedia Tools Appl. doi:10.1007/s11042-011-0919-6

    Google Scholar 

  33. Kudoh M, Hirayama Y, Hada S, Vollschwitz A (2000) “Access control specification based on policy evaluation and enforcement model and specification language,” In Symposium on Cryptograpy and Information Security, SCIS

  34. Lee KD, Nam MY, Chung KY, Lee YH, Kang UG (2013) Context and profile based cascade classifier for efficient people detection and safety care system. Multimedia Tools Appl 63(1):27–44

    Article  Google Scholar 

  35. Lim HC, Park S, Son HH (2003) “Access Control of XML documents Considering Update Operations,” In Proc. of the 10th ACM Workshop on XML Security, Fairfax USA

  36. Murat M, Tozawa A, Kudo M, Hada S (2006) Xml access control using static analysis. J ACM Trans Inf Syst Secur

  37. OASIS, “OASIS eXtensible Access Control Markup Language (XACML),” Working Draft 14, http://www.oasis-open.org/committees/xacml/docs/, June 2002

  38. Park RC, Jung H, Chung KY (2014) “Picocell based Telemedicine Health Platform for Human UX/UI”, Multimedia Tools and Applications

  39. Samarati P, De Capitani di Vimercati S (2001) “Access control: Policies, models, and mechanisms,” In Foundations of Security Analysis and Design, R. Focardi and R. Gorrieri, Eds., Lecture Notes in Computer Science, vol. 2171. Springer-Verlag, New York

  40. Schmidt A, Waas F, Kersten M, Florescu L, Manolescu D, Carey MJ, Busse R (2001) “The XML Benchmark Project,” Technical Report INS-R0103, CWI, Amsterdam, the Netherlands

  41. Sriram M, Arijit S, Yuqing W (2006) A Framework for access control for XML. J ACM Trans Syst Inf Secur 1–38

  42. Yu T, Srivastava D, Lakshmanan LVS, Jagadish HV (2004) A compressed accessibility map for XML. ACM Trans Database Syst 29(2):363–402

    Article  Google Scholar 

  43. Zhang N, Kacholia V, Ozsu MT (2004) “A succient physical storage scheme for efficient evaluation of path queries in XML,” in proc. 20th int. Conf. on Data Engineering, pp 54–65

Download references

Acknowledgments

This research was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (2013R1A1A2059964).

Author information

Authors and Affiliations

  1. Department of Computer Information Technology Education, Paichai University, 155-40 Baejae-ro, Seo-Gu, Daejeon, 302-735, South Korea

    Sun-Moon Jo

  2. School of Computer Information Engineering, Sangji University, Usan-dong, Wonju-si, Gangwon-do, 220-702, South Korea

    Kyung-Yong Chung

Authors
  1. Sun-Moon Jo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kyung-Yong Chung
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kyung-Yong Chung.

Additional information

This paper is significantly revised from an earlier version presented at [28].

Rights and permissions

Reprints and permissions

About this article

Cite this article

Jo, SM., Chung, KY. Design of access control system for telemedicine secure XML documents. Multimed Tools Appl 74, 2257–2271 (2015). https://doi.org/10.1007/s11042-014-1938-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11042-014-1938-x

Keywords

Search

Navigation