XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Consistently updating XML documents using incremental constraint check queries
Proceedings of the 4th international workshop on Web information and data management
XML access control using static analysis
Proceedings of the 10th ACM conference on Computer and communications security
Extending xQuery with transformation operators
Proceedings of the 2003 ACM symposium on Document engineering
Access control of XML documents considering update operations
Proceedings of the 2003 ACM workshop on XML security
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Access control for XML: a dynamic query rewriting approach
Proceedings of the 14th ACM international conference on Information and knowledge management
An access control model for querying XML data
Proceedings of the 2005 workshop on Secure web services
ACM Transactions on Information and System Security (TISSEC)
From XML view updates to relational view updates: old solutions to a new problem
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
A formal access control model for XML databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
A general approach to securely querying XML
Computer Standards & Interfaces
The Halting Problem and Undecidability of Document Generation under Access Control for Tree Updates
LATA '09 Proceedings of the 3rd International Conference on Language and Automata Theory and Applications
Information and Computation
QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata
The VLDB Journal — The International Journal on Very Large Data Bases
Hi-index | 0.00 |
We study the problem of updating XML repository through security views. Users are provided with the view of the repository schema they are entitled to see. They write update requests over their view using the XUpdate language. Each request is processed in two rewriting steps. First, the XPath expression selecting the nodes to update from the view is rewritten to another expression that only selects nodes the user is permitted to see. Second the XUpdate query is refined according to the write privileges held by the user.