XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Proceedings of the twenty-first ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Storing and querying ordered XML using a relational database system
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
EDBT '00 Proceedings of the 7th International Conference on Extending Database Technology: Advances in Database Technology
Polyinstantation for Cover Stories
ESORICS '92 Proceedings of the Second European Symposium on Research in Computer Security
Regulating access to XML documents
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Extending xQuery with transformation operators
Proceedings of the 2003 ACM symposium on Document engineering
Access control of XML documents considering update operations
Proceedings of the 2003 ACM workshop on XML security
Specifying access control policies for XML documents with XPath
Proceedings of the ninth ACM symposium on Access control models and technologies
Dynamically Updating XML Data: Numbering Scheme Revisited
World Wide Web
LSDX: a new labelling scheme for dynamically updating XML data
ADC '05 Proceedings of the 16th Australasian database conference - Volume 39
An authorization model for XML databases
SWS '04 Proceedings of the 2004 workshop on Secure web service
A general approach to securely querying XML
Computer Standards & Interfaces
A rewrite based approach for enforcing access constraints for XML
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III
fQuery: SPARQL query rewriting to enforce data confidentiality
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Rewriting of SPARQL/update queries for securing data access
ICICS'10 Proceedings of the 12th international conference on Information and communications security
A formal language for specifying complex XML authorisations with temporal constraints
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Secure XML querying based on authorization graphs
Information Systems Frontiers
A graph-based formalism for controlling access to a digital library ontology
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
| Hi-index | 0.00 |
In this paper, we first define a logical theory representing an XML database supporting XPath as query language and XUpdate as modification language. We then extend our theory with predicates allowing us to specify the security policy protecting the database. The security policy includes rules addressing the read and write privileges. We propose axioms to derive the database view each user is permitted to see. We also propose axioms to derive the new database content after an update.