Query rewriting for semistructured data
SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
Controlled access and dissemination of XML documents
Proceedings of the 2nd international workshop on Web information and data management
Optimising Web queries using document type definitions
Proceedings of the 2nd international workshop on Web information and data management
Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
On supporting containment queries in relational database management systems
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Securing XML Documents with Author-X
IEEE Internet Computing
VLDB '99 Proceedings of the 25th International Conference on Very Large Data Bases
A Fast Index for Semistructured Data
Proceedings of the 27th International Conference on Very Large Data Bases
Quilt: An XML Query Language for Heterogeneous Data Sources
Selected papers from the Third International Workshop WebDB 2000 on The World Wide Web and Databases
Author-X: A Java-Based System for XML Data Protection
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
LockX: a system for efficiently querying secure XML
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Specifying access control policies for XML documents with XPath
Proceedings of the ninth ACM symposium on Access control models and technologies
A compressed accessibility map for XML
ACM Transactions on Database Systems (TODS)
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
Generalized XML security views
Proceedings of the tenth ACM symposium on Access control models and technologies
The case for access control on XML relationships
Proceedings of the 14th ACM international conference on Information and knowledge management
A function-based access control model for XML databases
Proceedings of the 14th ACM international conference on Information and knowledge management
Meta-data indexing for XPath location steps
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Compact access control labeling for efficient secure XML query evaluation
Data & Knowledge Engineering
The dynamic predicate: integrating access control with query processing in XML databases
The VLDB Journal — The International Journal on Very Large Data Bases
Dynamic access-control policies on XML encrypted data
ACM Transactions on Information and System Security (TISSEC)
Automaton segmentation: a new approach to preserve privacy in xml information brokering
Proceedings of the 14th ACM conference on Computer and communications security
XFlat: Query-friendly encrypted XML view publishing
Information Sciences: an International Journal
Client-based access control management for XML documents
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Proceedings of the 2nd international conference on Scalable information systems
A flexible mandatory access control policy for XML databases
Proceedings of the 2nd international conference on Scalable information systems
A practical mandatory access control model for XML databases
Information Sciences: an International Journal
The Halting Problem and Undecidability of Document Generation under Access Control for Tree Updates
LATA '09 Proceedings of the 3rd International Conference on Language and Automata Theory and Applications
A semantic cache framework for secure XML queries
Journal of Computer Science and Technology
Controlling Access to XML Documents over XML Native and Relational Databases
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Query rewriting algorithm evaluation for XML security views
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Security-conscious XML indexing
DASFAA'07 Proceedings of the 12th international conference on Database systems for advanced applications
Information and Computation
QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata
The VLDB Journal — The International Journal on Very Large Data Bases
Policy classes and query rewriting algorithm for XML security views
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
XFlat: query friendly encrypted XML view publishing
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
A model of XML access control with dual-level security views
APWeb'06 Proceedings of the 2006 international conference on Advanced Web and Network Technologies, and Applications
Authorization-Transparent access control for XML under the non-truman model
EDBT'06 Proceedings of the 10th international conference on Advances in Database Technology
XML access control with policy matching tree
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Secure XML querying based on authorization graphs
Information Systems Frontiers
Pragmatic XML access control using off-the-shelf RDBMS
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
HyXAC: a hybrid approach for XML access control
Proceedings of the 18th ACM symposium on Access control models and technologies
Hi-index | 0.00 |
The rapid emergence of XML as a standard for data exchange over the Web has led to considerable interest in the problem of securing XML documents. In this context, query evaluation engines need to ensure that user queries only use and return XML data the user is allowed to access. These added access control checks can considerably increase query evaluation time. In this paper, we consider the problem of optimizing the secure evaluation of XML twig queries. We focus on the simple, but useful, multi-level access control model, where a security level can be either specified at an XML element, or inherited from its parent. For this model, secure query evaluation is possible by rewriting the query to use a recursive function that computes an element's security level. Based on security information in the DTD, we devise efficient algorithms that optimally determine when the recursive check can be eliminated, and when it can be simplified to just a local check on the element's attributes, without violating the access control policy. Finally, we experimentally evaluate the performance benefits of our techniques using a variety of XML data and queries.