XML Security Views Revisited

Authors:
Benoît Groz;Sławomir Staworko;Anne-Cecile Caron;Yves Roos;Sophie Tison
Affiliations:
Mostrare project, INRIA Lille Nord-Europe & LIFL (CNRS UMR8022), and University of Lille 1, and ENS Cachan,;Mostrare project, INRIA Lille Nord-Europe & LIFL (CNRS UMR8022),;Mostrare project, INRIA Lille Nord-Europe & LIFL (CNRS UMR8022), and University of Lille 1,;Mostrare project, INRIA Lille Nord-Europe & LIFL (CNRS UMR8022), and University of Lille 1,;Mostrare project, INRIA Lille Nord-Europe & LIFL (CNRS UMR8022), and University of Lille 1,
Venue:
DBPL '09 Proceedings of the 12th International Symposium on Database Programming Languages
Year:
2009

Citing 15
Cited 4

On Context-Free Languages

Journal of the ACM (JACM)
DTD inference for views of XML data

PODS '00 Proceedings of the nineteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
XPath Containment in the Presence of Disjunction, DTDs, and Variables

ICDT '03 Proceedings of the 9th International Conference on Database Theory
Secure XML querying with security views

SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Generalized XML security views

Proceedings of the tenth ACM symposium on Access control models and technologies
SMOQE: a system for providing secure access to XML

VLDB '06 Proceedings of the 32nd international conference on Very large data bases
Expressiveness and complexity of XML Schema

ACM Transactions on Database Systems (TODS)
XPath, transitive closure logic, and nested tree walking automata

Proceedings of the twenty-seventh ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Non-canonical parsing

SWAT '73 Proceedings of the 14th Annual Symposium on Switching and Automata Theory (swat 1973)
Reasoning about XML with Temporal Logics and Automata

LPAR '08 Proceedings of the 15th International Conference on Logic for Programming, Artificial Intelligence, and Reasoning
Query translation from XPath to SQL in the presence of recursive DTDs

The VLDB Journal — The International Journal on Very Large Data Bases
Query rewriting algorithm evaluation for XML security views

SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Policy classes and query rewriting algorithm for XML security views

DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
XML subtree queries: specification and composition

DBPL'05 Proceedings of the 10th international conference on Database Programming Languages
Query translation for XPath-based security views

EDBT'06 Proceedings of the 2006 international conference on Current Trends in Database Technology

View update translation for XML

Proceedings of the 14th International Conference on Database Theory
Secure querying of recursive XML views: a standard xpath-based technique

Proceedings of the 21st international conference companion on World Wide Web
On securely manipulating XML data

FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
SVMAX: a system for secure and valid manipulation of XML data

Proceedings of the 17th International Database Engineering & Applications Symposium

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper, we revisit the view based security framework for XML without imposing any of the previously considered restrictions on the class of queries, the class of DTDs, and the type of annotations used to define the view. First, we show that the full class of Regular XPath queries is closed under query rewriting . Next, we address the problem of constructing a DTD that describes the view schema, which in general needs not be regular. We propose three different methods of approximating the view schema and we show that the produced DTDs are indistinguishable from the exact schema (with queries from a class specific for each method). Finally, we investigate problems of static analysis of security access specifications.