Disclosure by Answers to XPath Queries
نویسنده
چکیده
We consider information disclosure caused by answering queries to an XML database. We introduce an audit framework to determine ‘suspicious’ user queries, i.e. those queries that returned results being sufficient to derive disclosed secret information. We describe secret information in form of a secret query and provide a formal definition of ‘suspicious’ user queries based on what we call ‘readset fragments’, i.e. XML fragments that have been read to produce certain query result nodes. Our approach performs two steps to detect ‘suspicious’ user queries. First, we analyze the structure of user queries and of the secret query to exclude ‘non-suspicious’ queries. Second, we derive a formula from user query, query result and secret query, which is satisfiable if and only if the query is ‘non-suspicious’.
منابع مشابه
Answering XPath Queries over Networks by Sending Minimal Views
When a client submits a set of XPath queries to a XML database on a network, the set of answer sets sent back by the database may include redundancy in two ways: some elements may appear in more than one answer set, and some elements in some answer sets may be subelements of other elements in other (or the same) answer sets. Even when a client submits a single query, the answer can be self-redu...
متن کاملFuzzy XPath Queries in XQuery
We have recently designed a fuzzy extension of the XPath language which provides ranked answers to flexible queries taking profit of fuzzy variants of and, or and avg operators for XPath conditions, as well as two structural constraints, called down and deep, for which a certain degree of relevance is associated. In this work, we describe how to implement the proposed fuzzy XPath with the XQuer...
متن کاملDistributed Processing of XPath Queries Using MapReduce
In this paper we investigate the problem of efficiently evaluating XPath queries over large XML data stored in a distributed manner. We propose a MapReduce algorithm based on a query decomposition which computes all expected answers in one MapReduce step. The algorithm can be applied over large XML data which is given either as a single distributed document or as a collection of small XML docum...
متن کاملXPath Query Processing in a Functional-Logic Language
XPath is a well-known query language for finding and extracting information from XML documents. This paper shows how the characteristics of this domain-specific language fits very well into the functional-logic paradigm. The proposed framework allows the user to write XPath-like queries as first-class citizens of the functional-logic language T OY, using higher-order combinators for constructin...
متن کاملارائه روشی پویا جهت پاسخ به پرسوجوهای پیوسته تجمّعی اقتضایی
Data Streams are infinite, fast, time-stamp data elements which are received explosively. Generally, these elements need to be processed in an online, real-time way. So, algorithms to process data streams and answer queries on these streams are mostly one-pass. The execution of such algorithms has some challenges such as memory limitation, scheduling, and accuracy of answers. They will be more ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2008