Database security
Extensible markup language (XML) part 2: linking
World Wide Web Journal - Special issue on XML: principles, tools, and techniques
Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Professional XML Databases
An Authorization Model for a Distributed Hypertext System
IEEE Transactions on Knowledge and Data Engineering
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Beginning XML
XMark: a benchmark for XML data management
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
An authorization model for XML databases
SWS '04 Proceedings of the 2004 workshop on Secure web service
ACM Transactions on Information and System Security (TISSEC)
Incremental adaptation of XPath access control views
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Formalizing XML access control for update operations
Proceedings of the 12th ACM symposium on Access control models and technologies
The Halting Problem and Undecidability of Document Generation under Access Control for Tree Updates
LATA '09 Proceedings of the 3rd International Conference on Language and Automata Theory and Applications
Precomputing queries for personal health sensor environments
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III
Repairing inconsistent XML write-access control policies
DBPL'07 Proceedings of the 11th international conference on Database programming languages
Rewrite-based verification of XML updates
Proceedings of the 12th international ACM SIGPLAN symposium on Principles and practice of declarative programming
Optimizing XML data with view fragments
ADC '10 Proceedings of the Twenty-First Australasian Conference on Database Technologies - Volume 104
A schemaguide for accelerating the view adaptation process
ER'10 Proceedings of the 29th international conference on Conceptual modeling
Information and Computation
A formal access control model for XML databases
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Access policy sheet for access control in fine-grained XML
EUC'05 Proceedings of the 2005 international conference on Embedded and Ubiquitous Computing
Enforce mandatory access control policy on XML documents
ICICS'05 Proceedings of the 7th international conference on Information and Communications Security
Consistency and repair for XML write-access control policies
The VLDB Journal — The International Journal on Very Large Data Bases
Hi-index | 0.00 |
As a large quantity of information is presented in XML format on the Web, there are increasing demands for XML security. Until now, research on XML security has been focused on the security of data communication using digital signatures or encryption technologies. As XML is also used for a data representation of data storage, XML security comes to involve not only communication security but also managerial security. Managerial security is guaranteed through access control, but existing XML access control models consider only read queries. These models may make some problems when unauthorized users try to change XML documents or their structure. Therefore the access control of update queries must be executed correctly and efficiently as well as read queries. In this paper, we discuss an XML access control model and propose a technique that supports not only read operations but also update operations. We define new action types to systematically manage complex information of access right and to process various update queries in an efficient manner. Using these action types, the system can save memory and other system resources that are used in DOM-based DTD verification process, and shortens the overall steps of access control by filtering unnecessary queries out at the early stage. Although for read queries the proposed access control model introduces a minor overhead in determining action types, for update queries it shows better performance compared to existing access control models.