Consistent query answers in inconsistent databases
PODS '99 Proceedings of the eighteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Communications of the ACM
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Access control of XML documents considering update operations
Proceedings of the 2003 ACM workshop on XML security
Specifying access control policies for XML documents with XPath
Proceedings of the ninth ACM symposium on Access control models and technologies
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Generalized XML security views
Proceedings of the tenth ACM symposium on Access control models and technologies
Role-Based access control consistency validation
Proceedings of the 2006 international symposium on Software testing and analysis
XML access control using static analysis
ACM Transactions on Information and System Security (TISSEC)
Reasoning about XML update constraints
Proceedings of the twenty-sixth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Formalizing XML access control for update operations
Proceedings of the 12th ACM symposium on Access control models and technologies
Repairing inconsistent XML write-access control policies
DBPL'07 Proceedings of the 11th international conference on Database programming languages
Complexity and approximation of fixing numerical attributes in databases under integrity constraints
DBPL'05 Proceedings of the 10th international conference on Database Programming Languages
ACCOn: checking consistency of XML write-access control policies
EDBT '08 Proceedings of the 11th international conference on Extending database technology: Advances in database technology
Repairing inconsistent XML write-access control policies
DBPL'07 Proceedings of the 11th international conference on Database programming languages
Information and Computation
Consistency and repair for XML write-access control policies
The VLDB Journal — The International Journal on Very Large Data Bases
On securely manipulating XML data
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
| Hi-index | 0.00 |
XML access control policies involving updates may contain security flaws, here called inconsistencies, in which a forbidden operation may be simulated by performing a sequence of allowed operations. This paper investigates the problem of deciding whether a policy is consistent, and if not, how its inconsistencies can be repaired. We consider policies expressed in terms of annotated DTDs defining which operations are allowed or denied for the XML trees that are instances of the DTD. We show that consistency is decidable in PTIME for such policies and that consistent partial policies can be extended to unique "least-privilege" consistent total policies. We also consider repair problems based on deleting privileges to restore consistency, show that finding minimal repairs is NP-complete, and give heuristics for finding repairs.