Application of XML tools for enterprise-wide RBAC implementation tasks
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Cryptographic solution to a problem of access control in a hierarchy
ACM Transactions on Computer Systems (TOCS)
Minimization of tree pattern queries
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
A cryptographic solution to implement access control in a hierarchy and more
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Containment and equivalence for an XPath fragment
Proceedings of the twenty-first ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Executing SQL over encrypted data in the database-service-provider model
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Securing XML Documents with Author-X
IEEE Internet Computing
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Regulating access to XML documents
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
XPath queries on streaming data
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Introduction to Automata Theory, Languages, and Computation (3rd Edition)
Introduction to Automata Theory, Languages, and Computation (3rd Edition)
Chip-secured data access: confidential data on untrusted servers
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Optimizing the secure evaluation of twig queries
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
GnatDb: a small-footprint, secure database system
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Path queries on compressed XML
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
Relevancy based access control of versioned XML documents
Proceedings of the tenth ACM symposium on Access control models and technologies
Safe data sharing and data dissemination on smart devices
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
The case for access control on XML relationships
Proceedings of the 14th ACM international conference on Information and knowledge management
Relevancy-based access control and its evaluation on versioned XML documents
ACM Transactions on Information and System Security (TISSEC)
Homeviews: peer-to-peer middleware for personal data sharing applications
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
On the efficiency of secure XML broadcasting
Information Sciences: an International Journal
A general approach to securely querying XML
Computer Standards & Interfaces
Adaptive Solutions for Access Control within Pervasive Healthcare Systems
ICOST '08 Proceedings of the 6th international conference on Smart Homes and Health Telematics
Distributed Privilege Enforcement in PACS
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Query rewriting algorithm evaluation for XML security views
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Light-weight access control scheme for XML data
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part II
Efficient access control labeling scheme for secure XML query processing
Computer Standards & Interfaces
QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata
The VLDB Journal — The International Journal on Very Large Data Bases
Authorization-Transparent access control for XML under the non-truman model
EDBT'06 Proceedings of the 10th international conference on Advances in Database Technology
An approach for XML inference control based on RDF
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
Orchestrating access control in peer data management systems
EDBT'06 Proceedings of the 2006 international conference on Current Trends in Database Technology
Secure XML querying based on authorization graphs
Information Systems Frontiers
Pragmatic XML access control using off-the-shelf RDBMS
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
HyXAC: a hybrid approach for XML access control
Proceedings of the 18th ACM symposium on Access control models and technologies
| Hi-index | 0.02 |
The erosion of trust put in traditional database servers and in Database Service Providers, the growing interest for different forms of data dissemination and the concern for protecting children from suspicious Internet content are different factors that lead to move the access control from servers to clients. Several encryption schemes can be used to serve this purpose but all suffer from a static way of sharing data. With the emergence of hardware and software security elements on client devices, more dynamic client-based access control schemes can be devised. This paper proposes an efficient client-based evaluator of access control rules for regulating access to XML documents. This evaluator takes benefit from a dedicated index to quickly converge towards the authorized parts of a - potentially streaming - document. Additional security mecanisms guarantee that prohibited data can never be disclosed during the processing and that the input document is protected from any form of tampering. Experiments on synthetic and real datasets demonstrate the effectiveness of the approach.