IEEE Transactions on Software Engineering
A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Secure and selective dissemination of XML documents
ACM Transactions on Information and System Security (TISSEC)
Design of LDV: A Multilevel Secure Relational Database Management
IEEE Transactions on Knowledge and Data Engineering
Structural Properties of XPath Fragments
ICDT '03 Proceedings of the 9th International Conference on Database Theory
View-Based Access Control with High Assurance
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
XML access control using static analysis
Proceedings of the 10th ACM conference on Computer and communications security
Derived access control specification for XML
Proceedings of the 2003 ACM workshop on XML security
Specifying access control policies for XML documents with XPath
Proceedings of the ninth ACM symposium on Access control models and technologies
A role-based approach to access control for XML databases
Proceedings of the ninth ACM symposium on Access control models and technologies
Secure XML querying with security views
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Efficient algorithms for processing XPath queries
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Optimizing the secure evaluation of twig queries
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Incremental adaptation of XPath access control views
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
On the efficiency of secure XML broadcasting
Information Sciences: an International Journal
ACCOn: checking consistency of XML write-access control policies
EDBT '08 Proceedings of the 11th international conference on Extending database technology: Advances in database technology
A general approach to securely querying XML
Computer Standards & Interfaces
DBPL '09 Proceedings of the 12th International Symposium on Database Programming Languages
Precomputing queries for personal health sensor environments
Proceedings of the International Conference on Management of Emergent Digital EcoSystems
Query rewriting algorithm evaluation for XML security views
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Repairing inconsistent XML write-access control policies
DBPL'07 Proceedings of the 11th international conference on Database programming languages
Privacy-aware access control in XML databases
ADC '10 Proceedings of the Twenty-First Australasian Conference on Database Technologies - Volume 104
Optimizing XML data with view fragments
ADC '10 Proceedings of the Twenty-First Australasian Conference on Database Technologies - Volume 104
QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata
The VLDB Journal — The International Journal on Very Large Data Bases
Policy classes and query rewriting algorithm for XML security views
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Query translation for XPath-based security views
EDBT'06 Proceedings of the 2006 international conference on Current Trends in Database Technology
Secure querying of recursive XML views: a standard xpath-based technique
Proceedings of the 21st international conference companion on World Wide Web
Secure XML querying based on authorization graphs
Information Systems Frontiers
Pragmatic XML access control using off-the-shelf RDBMS
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Consistency and repair for XML write-access control policies
The VLDB Journal — The International Journal on Very Large Data Bases
HyXAC: a hybrid approach for XML access control
Proceedings of the 18th ACM symposium on Access control models and technologies
| Hi-index | 0.00 |
We investigate a generalization of the notion of XML security view introduced by Stoica and Farkas [17] and later refined by Fan et al. [8]. The model consists of access control policies specified over DTDs with XPath expression for data-dependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that can be used by users for query formulation and optimization. Then we show an algorithm to materialize "authorized" version of the document from the view and an algorithm to construct the view from an access control specification. We also propose a number of generalizations for security policies.