Understanding the new SQL: a complete guide
Understanding the new SQL: a complete guide
The complexity of querying indefinite data about linearly ordered domains
Journal of Computer and System Sciences - Special issue: dedicated to the memory of Paris Kanellakis
ACM Transactions on Database Systems (TODS)
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
SilkRoute: A framework for publishing relational data in XML
ACM Transactions on Database Systems (TODS)
A temporal key management scheme for secure broadcasting of XML documents
Proceedings of the 9th ACM conference on Computer and communications security
Securing XML Documents with Author-X
IEEE Internet Computing
Conjunctive Query Containment Revisited
ICDT '97 Proceedings of the 6th International Conference on Database Theory
Efficiently publishing relational data as XML documents
The VLDB Journal — The International Journal on Very Large Data Bases
Theoretical Computer Science - Database theory
Optimal implementation of conjunctive queries in relational data bases
STOC '77 Proceedings of the ninth annual ACM symposium on Theory of computing
Role-Based Access Control
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
Designing information-preserving mapping schemes for XML
VLDB '05 Proceedings of the 31st international conference on Very large data bases
Applying hierarchical and role-based access control to XML documents
SWS '04 Proceedings of the 2004 workshop on Secure web service
DTD-directed publishing with attribute translation grammars
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Expressiveness and complexity of XML publishing transducers
ACM Transactions on Database Systems (TODS)
Xml publishing: bridging theory and practice
DBPL'07 Proceedings of the 11th international conference on Database programming languages
Access control policy translation and verification within heterogeneous data federations
Proceedings of the 15th ACM symposium on Access control models and technologies
| Hi-index | 0.00 |
Data federations provide seamless access to multiple heterogeneous and autonomous data sources pertaining to a large organization. As each source database defines its own access control policies for a set of local identities, enforcing such policies across the federation becomes a challenge. In this article, we first consider the problem of translating existing access control policies defined over source databases in a manner that allows the original semantics to be observed while becoming applicable across the entire data federation. We show that such a translation is always possible, and provide an algorithm for automating the translation. We show that verifying whether a translated policy obeys the semantics of the original access control policy defined over a source database is intractable, even under restrictive scenarios. We then describe a practical algorithmic framework for translating relational access control policies into their XML equivalent, expressed in the eXtensible Access Control Markup Language. Finally, we examine the difficulty of minimizing translated policies, and contribute a minimization algorithm applicable to nonrecursive translated policies.