XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Protection and administration of XML data sources
Data & Knowledge Engineering - Data and applications security
Securing XML Documents with Author-X
IEEE Internet Computing
EDBT '00 Proceedings of the 7th International Conference on Extending Database Technology: Advances in Database Technology
Regulating access to XML documents
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
XML access control using static analysis
Proceedings of the 10th ACM conference on Computer and communications security
Path sharing and predicate evaluation for high-performance XML filtering
ACM Transactions on Database Systems (TODS)
A role-based approach to access control for XML databases
Proceedings of the ninth ACM symposium on Access control models and technologies
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
Generalized XML security views
Proceedings of the tenth ACM symposium on Access control models and technologies
The case for access control on XML relationships
Proceedings of the 14th ACM international conference on Information and knowledge management
A function-based access control model for XML databases
Proceedings of the 14th ACM international conference on Information and knowledge management
Access control for XML: a dynamic query rewriting approach
Proceedings of the 14th ACM international conference on Information and knowledge management
Graph Matching Based Authorization Model for Efficient Secure XML Querying
AINAW '07 Proceedings of the 21st International Conference on Advanced Information Networking and Applications Workshops - Volume 02
Compressed accessibility map: efficient access control for XML
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Optimizing the secure evaluation of twig queries
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
XMark: a benchmark for XML data management
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
On the efficiency of secure XML broadcasting
Information Sciences: an International Journal
Controlling access to published data using cryptography
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
Client-based access control management for XML documents
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
An integrated access control for securely querying and updating XML data
ADC '08 Proceedings of the nineteenth conference on Australasian database - Volume 75
A general approach to securely querying XML
Computer Standards & Interfaces
A rewrite based approach for enforcing access constraints for XML
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III
XML-BB: a model to handle relationships protection in XML documents
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III
A formal access control model for XML databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
XDTM: the XML data type and mapping for specifying datasets
EGC'05 Proceedings of the 2005 European conference on Advances in Grid Computing
An efficient yet secure XML access control enforcement by safe and correct query modification
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
Secure query processing against encrypted XML data using Query-Aware Decryption
Information Sciences: an International Journal
Protection of relationships in XML documents with the XML-BB model
ICISS'05 Proceedings of the First international conference on Information Systems Security
A New Model for Secure Dissemination of XML Content
IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
XML-to-SQL query mapping in the presence of multi-valued schema mappings and recursive XML schemas
DEXA'07 Proceedings of the 18th international conference on Database and Expert Systems Applications
| Hi-index | 0.00 |
XML is rapidly emerging as a standard for data representation and exchange over the World Wide Web and an increasing amount of sensitive business data is processed in XML format. Therefore, it is critical to have control mechanisms to restrict a user to access only the parts of XML documents that she is authorized to access. In this paper, we propose the first DTD-based access control model that employs graph matching to analyze if an input query is fully acceptable, fully rejectable, or partially acceptable. In this way, there will be no further security overhead for the processing of fully acceptable and rejectable queries. For partially acceptable queries, we propose a graph-matching based authorization model for an optimized rewriting procedure in which a recursive query (query with descendant axis `//') will be rewritten into an equivalent recursive one if possible and into a non-recursive one only if necessary, resulting queries that can fully take advantage of structural join based query optimization techniques. Moreover, we propose an index structure for XML element types to speed up the query rewriting procedure, a facility that is potentially useful for applications with large DTDs. Our performance study results showed that our algorithms armed with rewriting indexes are promising.