Report EDI-INF-RR-0725

Informatics Report Series

Report

EDI-INF-RR-0725

Related Pages

Report (by Number) Index
Report (by Date) Index
Author Index
Institute Index

Home

Title:Secure XML Querying with Security Views

Authors: Wenfei Fan ; MInos Garofalakis ; Chee Yong Chan

Date:Jun 2004

Publication Title:Proceedings of SIGMOD 2004 (International Conference on Management of Data)

Publisher:ACM

Publication Type:Conference Paper Publication Status:Published

Page Nos:587-598

DOI:10.1145/1007568.1007634 ISBN/ISSN:1-58113-85

Abstract:: The prevalent use of XML highlights the need for a generic, flexible access-control mechanism for XML documents that supports efficient and secure query access, without revealing sensitive information to unauthorized users. This paper introduces a novel paradigm for specifying XML security constraints and investigates the enforcement of such constraints during XML query evaluation. Our approach is based on the novel concept of security views, which provide for each user group (a) an XML view consisting of all and only the information that the users are authorized to access, and (b) a view DTD that the XML view conforms to. Security views effectively protect sensitive data from access and potential inferences by unauthorized users, and provide authorized users with necessary schema information to facilitate effective query formulation and optimization. We propose an efficient algorithm for deriving security view definitions from security policies (defined on the original document DTD) for different user groups. We also develop novel algorithms for XPath query rewriting and optimization such that queries over security views can be efficiently answered without materializing the views. Our algorithms transform a query over a security view to an equivalent query over the original document, and effectively prune query nodes by exploiting the structural properties of the document DTD in conjunction with approximate XPath containment tests. Our work is the first to study a flexible, DTD-based access-control model for XML and its implications on the XML query-execution engine. Furthermore, it is among the first efforts for query rewriting and optimization in the presence of general DTDs for a rich class of XPath queries. An empirical study based on real-life DTDs verifies the effectiveness of our approac

Links To Paper
The ACM Digital Library

Bibtex format
@InProceedings{EDI-INF-RR-0725,: author = { Wenfei Fan and MInos Garofalakis and Chee Yong Chan },; title = {Secure XML Querying with Security Views},; book title = {Proceedings of SIGMOD 2004 (International Conference on Management of Data)},; publisher = {ACM},; year = 2004,; month = {Jun},; pages = {587-598},; doi = {10.1145/1007568.1007634},; url = {http://portal.acm.org/citation.cfm?id=1007634},
}

Home : Publications : Report

Please mail <reports@inf.ed.ac.uk> with any changes or corrections.
Unless explicitly stated otherwise, all material is copyright The University of Edinburgh