Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
The case for access control on XML relationships
Proceedings of the 14th ACM international conference on Information and knowledge management
Access control for XML: a dynamic query rewriting approach
Proceedings of the 14th ACM international conference on Information and knowledge management
ACXESS - Access Control for XML with Enhanced Security Specifications
ICDE '06 Proceedings of the 22nd International Conference on Data Engineering
Compressed accessibility map: efficient access control for XML
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A formal access control model for XML databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Secure XML querying based on authorization graphs
Information Systems Frontiers
Hi-index | 0.00 |
Access control for semi-structured data is nontrivial, as witnessed by the number of access control approaches in literature. Recently, a case has been made for expressing access constraints at finer levels of granularity on data nodes and extending constraints to structural relationships. In this paper, we introduce a rewrite-based approach for access constraint enforcement, based on the ACXESS framework we developed at Indiana University. The ACXESS framework utilizes virtual security views and introduces a set of rewrite rules that takes advantage of the Security Annotated Schema (SAS) - an internal representation for virtual views. It is capable of rewriting user queries against security views into queries against the source data, while honoring the access constraints.