A static analysis using tree automata for XML access control

  • Authors:
  • Isao Yagi;Yoshiaki Takata;Hiroyuki Seki

  • Affiliations:
  • Graduate School of Information Science, Nara Institute of Science and technology;Graduate School of Information Science, Nara Institute of Science and technology;Graduate School of Information Science, Nara Institute of Science and technology

  • Venue:
  • ATVA'05 Proceedings of the Third international conference on Automated Technology for Verification and Analysis
  • Year:
  • 2005

Quantified Score

Hi-index 0.00

Visualization

Abstract

Recently, an access control for XML database is one of the key issues in database security. Given an access control policy and a query expression, static analysis determines whether the query does not access any elements nor attributes that are prohibited by the access control policies. In a related work, policies and queries were modeled as regular sets of paths in trees. However, this model loses information on the structure of the trees, and some policies cannot be represented by the model accurately. In this paper, we propose a formal model for access control of XML databases and provide a static analysis method based on tree automata theory. Both an access control policy and a query are modeled as tree automata, and a policy is provided with two alternative semantics; AND-semantics and OR-semantics. We investigate the computational complexity of the static analysis problem, and show that the problem in AND-semantics is solvable in square time while the problem in OR-semantics is EXPTIME-complete.