TY - JOUR
T1 - A content-based authorization model for digital libraries
AU - Adam, Nabil R.
AU - Atluri, Vijayalakshmi
AU - Bertino, Elisa
AU - Ferrari, Elena
N1 - Funding Information:
The authors would like to thank Nick J. Kozura, the Library of Congress and Dr. Rubens Medina, Law Librarian, Library of Congress, for their suggestions and comments on issues related to GLIN. Thanks are also due to Dr. Richard Holowczak for his help in integrating DLAM with his concept extractor and to Ugo Capuozzo for the implementation of DLAM. The work of V. Atluri was supported in part by the US National Science Foundation under grant IRI-9624222. The work of Elisa Bertino and Elena Ferrari is partially supported by CIMIC, Rutgers University, Newark, NJ, by the MURST under the Project Interdata and by the CSELT under the Project Advanced Data Management Functions for Web Data.
PY - 2002/3
Y1 - 2002/3
N2 - Digital Libraries (DLs) introduce several challenging requirements with respect to the formulation, specification, and enforcement of adequate data protection policies. Unlike conventional database environments, a DL environment typically is characterized by dynamic user population, often making accesses from remote locations, and by an extraordinarily large amount of multimedia information, stored in a variety of formats. Moreover, in a DL environment, access policies are often specified based on user qualifications and characteristics, rather than user identity (for example, a user can be given access to an R-rated video only if he/ she is older than 18 years). Another crucial requirement is the support for content-dependent authorizations on digital library objects (for example, all documents containing discussions on how to operate guns must be made available only to users who are 18 or older). Since traditional authorization models do not adequately meet access control requirements typical to DLs, in this paper, we propose a content-based authorization model suitable for a DL environment. Specifically, the most innovative features of our authorization model are: 1) flexible specification of authorizations based on the qualifications and characteristics of users (including positive and negative), 2) both content-dependent and content-independent access control to digital library objects, and 3) varying granularity of authorization objects ranging from sets of library objects to specific portions of objects.
AB - Digital Libraries (DLs) introduce several challenging requirements with respect to the formulation, specification, and enforcement of adequate data protection policies. Unlike conventional database environments, a DL environment typically is characterized by dynamic user population, often making accesses from remote locations, and by an extraordinarily large amount of multimedia information, stored in a variety of formats. Moreover, in a DL environment, access policies are often specified based on user qualifications and characteristics, rather than user identity (for example, a user can be given access to an R-rated video only if he/ she is older than 18 years). Another crucial requirement is the support for content-dependent authorizations on digital library objects (for example, all documents containing discussions on how to operate guns must be made available only to users who are 18 or older). Since traditional authorization models do not adequately meet access control requirements typical to DLs, in this paper, we propose a content-based authorization model suitable for a DL environment. Specifically, the most innovative features of our authorization model are: 1) flexible specification of authorizations based on the qualifications and characteristics of users (including positive and negative), 2) both content-dependent and content-independent access control to digital library objects, and 3) varying granularity of authorization objects ranging from sets of library objects to specific portions of objects.
KW - Access control
KW - Authorization
KW - Digital libraries
UR - http://www.scopus.com/inward/record.url?scp=0036510173&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=0036510173&partnerID=8YFLogxK
U2 - 10.1109/69.991718
DO - 10.1109/69.991718
M3 - Article
AN - SCOPUS:0036510173
SN - 1041-4347
VL - 14
SP - 296
EP - 315
JO - IEEE Transactions on Knowledge and Data Engineering
JF - IEEE Transactions on Knowledge and Data Engineering
IS - 2
ER -