IEEE Transactions on Software Engineering
A flexible authorization mechanism for relational data management systems
ACM Transactions on Information Systems (TOIS)
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Design of LDV: A Multilevel Secure Relational Database Management
IEEE Transactions on Knowledge and Data Engineering
Author-X: A Java-Based System for XML Data Protection
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Regulating access to XML documents
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
LockX: a system for efficiently querying secure XML
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
View-Based Access Control with High Assurance
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
XML access control using static analysis
Proceedings of the 10th ACM conference on Computer and communications security
Derived access control specification for XML
Proceedings of the 2003 ACM workshop on XML security
RDF metadata for XML access control
Proceedings of the 2003 ACM workshop on XML security
A role-based approach to access control for XML databases
Proceedings of the ninth ACM symposium on Access control models and technologies
A compressed accessibility map for XML
ACM Transactions on Database Systems (TODS)
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
Generalized XML security views
Proceedings of the tenth ACM symposium on Access control models and technologies
Integration and Efficient Lookup of Compressed XML Accessibility Maps
IEEE Transactions on Knowledge and Data Engineering
Applying hierarchical and role-based access control to XML documents
SWS '04 Proceedings of the 2004 workshop on Secure web service
Compact Access Control Labeling for Efficient Secure XML Query Evaluation
ICDEW '05 Proceedings of the 21st International Conference on Data Engineering Workshops
SMOQE: a system for providing secure access to XML
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
Efficient algorithms for processing XPath queries
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Optimizing the secure evaluation of twig queries
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
DTD-directed publishing with attribute translation grammars
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Client-based access control management for XML documents
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Secure XML publishing without information leakage in the presence of data inference
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Policy classes and query rewriting algorithm for XML security views
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
XML access control with policy matching tree
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
DBPL '09 Proceedings of the 12th International Symposium on Database Programming Languages
View update translation for XML
Proceedings of the 14th International Conference on Database Theory
FMAMS: Fuzzy Mapping Approach for Mediation Systems
International Journal of Applied Evolutionary Computation
| Hi-index | 0.00 |
We investigate the experimental effectiveness of query rewriting over XML security views. Our model consists of access control policies specified over DTDs with XPath expression for data-dependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that is used by users for query formulation. To avoid the overhead of view materialization in query answering, these queries later undergo rewriting so that they are valid over the original DTD schema, and thus the query answer is computed fromthe original XML data. We provide an algorithm for query rewriting and show its performance compared with the naive approach, i.e. the approach that requires view materialization.