IEEE Transactions on Software Engineering
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Introduction to Algorithms
Structural Properties of XPath Fragments
ICDT '03 Proceedings of the 9th International Conference on Database Theory
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Author-X: A Java-Based System for XML Data Protection
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Regulating access to XML documents
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
XML access control using static analysis
Proceedings of the 10th ACM conference on Computer and communications security
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Generalized XML security views
Proceedings of the tenth ACM symposium on Access control models and technologies
Efficient algorithms for processing XPath queries
ACM Transactions on Database Systems (TODS)
Optimizing the secure evaluation of twig queries
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
DBPL '09 Proceedings of the 12th International Symposium on Database Programming Languages
Query rewriting algorithm evaluation for XML security views
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
On securely manipulating XML data
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Hi-index | 0.00 |
Most state-of-the-art approaches of securing XML documents are based on a partial annotation of an XML tree with security labels which are later propagated to unlabeled nodes of the XML so that the resulting labeling is full (i.e. defined for every XML node). The first contribution of this paper is an investigation of possible alternatives for policy definition that lead to a fully annotated XML. We provide a classification of policies using different options of security label propagation and conflict resolution. Our second contribution is a generalized algorithm that constructs a full DTD annotation (from the the partial one) w.r.t. the policy classification. Finally, we discuss the query rewriting approach for our model of XML security views.