Secure XML querying based on authorization graphs

نویسندگان

  • Artem Chebotko
  • Seunghan Chang
  • Shiyong Lu
  • Farshad Fotouhi
چکیده

XML is rapidly emerging as a standard for data representation and exchange over the World Wide Web and an increasing amount of sensitive business data is processed in XML format. Therefore, it is critical to have control mechanisms to restrict a user to access only the parts of XML documents that she is authorized to access. In this paper, we propose the first DTD-based access control model that employs graph matching to analyze if an input query is fully acceptable, fully rejectable, or partially acceptable. In this way, there will be no further security overhead for the processing of fully acceptable and rejectable queries. For partially acceptable queries, we propose a graph-matching based authorization model for an optimized rewriting procedure in which a recursive query (query with descendant axis ‘//’) will be rewritten A. Chebotko (B) Department of Computer Science, University of Texas-Pan American, 1201 W. University Drive, Edinburg, TX 78539-2999, USA e-mail: [email protected] S. Chang · S. Lu · F. Fotouhi Department of Computer Science, Wayne State University, 5143 Cass Avenue, Detroit, MI 48202, USA S. Chang e-mail: [email protected] S. Lu e-mail: [email protected] F. Fotouhi e-mail: [email protected] into an equivalent recursive one if possible and into a non-recursive one only if necessary, resulting queries that can fully take advantage of structural join based query optimization techniques. Moreover, we propose an index structure for XML element types to speed up the query rewriting procedure, a facility that is potentially useful for applications with large DTDs. Our performance study results showed that our algorithms armed with rewriting indexes are promising.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A General Approach to Securely Querying XML

Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user view on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against ...

متن کامل

A Dynamic Compressed Accessibility Map for Secure XML Querying and Updating

By specifying a fine-grained access control on the XML data, an accessibility map is required to determine the accessibility of XML nodes for a specific subject (e.g. user or role) under a specific action (e.g. read or write). In the recent years, several research works have been done to reduce the overall storage cost of accessibility map with rapid determination of accessibility of XML nodes ...

متن کامل

Authorization models for secure information sharing: a survey and research agenda

This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...

متن کامل

High-speed Access Control for Xml

One of the important tasks of managing eXtensible Markup Language (XML) documents is to uniformly specify and securely maintain both target documents and authorization policies. However‚ since existing techniques decouple access authorization from query processing‚ the query processing time with access control is not satisfactorily fast. The access control requires the overhead in addition to t...

متن کامل

SQS - A Secure XML Querying System

Contemporary XML database querying systems have to deal with a rapidly growing amount of data and a large number of users. As a consequence, if access control is used to protect sensitive XML data at a fine-grained level, it is inefficient when it comes to query evaluation, since it is difficult to enforce access control on each node in an XML document when the user’s view needs to be computed....

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Information Systems Frontiers

دوره 14  شماره 

صفحات  -

تاریخ انتشار 2012