QFilter: Fine-grained run-time XML access control via NFA-based query rewriting

International Conference on Information and Knowledge Management, Proceedings

Volumn , Issue , 2004, Pages 543-552

  Luo, Bo ^a   Lee, Dongwon ^a   Lee, Wang Chien ^a   Liu, Peng ^a  

^a PENNSYLVANIA STATE UNIVERSITY   (United States)

Author keywords

Data security and privacy; Query rewriting; XML security

Indexed keywords

ALGORITHMS; CONTROL SYSTEMS; DATABASE SYSTEMS; GRAPH THEORY; QUERY LANGUAGES; RECURSIVE FUNCTIONS; SECURITY OF DATA;

DATA SECURITY AND PRIVACY; QUERY EXECUTION TIME; QUERY REWRITING; XML SECURITY;

XML;

EID: 18744396386     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (22)

1. E. Bertino and E. Ferrari. Secure and Selective Dissemination of XML Documents. ACM TISSEC, 5(3):290-331, Aug. 2002.
2. T. Bray, J. Paoli, and C. M. Sperberg-McQueen (Eds). Extensible Markup Language (XML) 1.0 (2nd Ed.). W3C Recommendation, Oct. 2000..
3. S. Cho, S. Amer-Yahia, L. V.S. Lakshmanan, and D. Srivastava. Optimizing the Secure Evaluation of Twig Queries. In VLDB, Hong Kong, China, Aug. 2002.
4. E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, and P. Samarati. A Fine-Grained Access Control System for XML Documents. ACM TISSEC, 5(2): 169-202, May 2002.
5. E. Damiani, S. De Capitani Di Vimercati, S. Paraboschi, and P. Samarati. Design and Implementation of an Access Control Processor for XML Documents. Computer Networks, 33(6):59-75, 2000.
6. Y. Diao and M. J. Franklin. High-Performance XML Filtering: An Overview of YFilter. IEEE Data Eng. Bulletin, Mar. 2003.
7. E. Fernandez, E. Gudes, and H. Song. A Model of Evaluation and Administration of Security in Object-Oriented Databases. IEEE TKDE, 6(2):275-292, 1994.
8. S. Godik and T. Moses (Eds), extensible Access Control Markup Language (XACML) Version 1.0. OASIS Specification Set, Feb. 2003.
9. M. Kudo and S. Hada. XML document security based on provisional authorization. In ACM CCS, 2000.
10. D. Lee, W. C. Lee and P. Liu. Supporting XML Security Models using Relational Databases: A Vision. In XML Database Symposium (XSym), Berlin, Germany, 2003.
11. G. Miklau and D. Suciu. Containment and equivalence for an XPath fragment. In 21st ACM PODS, 2002
12. J. Moffett, M. Sloman, and K. Twidle. Specifying Discretionary Access Control Policy for Distributed Systems, Nov. 1990.
13. M. Murata, A. Tozawa, and M. Kudo. XML Access Control using Static Analysis. In ACM CCS, Washington D.C., 2003.
14. S. Osborn. Mandatory Access Control and Role-Based Access Control Revisited. In ACM Workshop on Role Based Access Control, pages 31-40, Fairfax, VA, 1997.
15. F. Rabitti, E. Bertino, W. Kim and D. Woelk. A Model of Authorization for Next-Generation Database Systems. ACM Trans. on Database Systems (TODS), 16(1):89-131, 1991.
16. P. Samarati, E. Bertino, and S. Jajodia. An Authorization Model for a Distributed Hypertext System. IEEE Trans. on Knowledge and Data Eng. (TKDE), 8(4):555-562, 1996.
17. R. Sandhu, E. Coyne, H. Feinstein, and C. Youman. Role-Based Access Control Models. IEEE Computer, 29(2), 1996.
18. A. R. Schmidt, F. Waas, M. L. Kersten, D. Florescu, I. Manolescu, M. J. Carey, and R. Busse. The XML Benchmark Project. Technical Report INS-R0103, CWI, April 2001.
19. J. Simeon and M. Fernandez. Galax V 0.3.5, Jan. 2004. http://db.belllabs.com/galax/.
20. T. Yu, D. Srivastava, L. V.S. Lakshmanan, and H. V. Jagadish. Compressed Accessibility Map: Efficient Access Control for XML. In VLDB, Hong Kong, China, Aug. 2002.
21. R. Rizvi, A. Mendelzon, S. Sudarshan, P. Roy. Extending Query Rewriting Techniques for Fine-Grained Access Control. In ACM SIGMOD 2004.
22. L. Bouganim, F. D. Ngoc, and P. Pucheral. Client-Based Access Control Management for XML documents. In VLDB, Toronto, Canada, 2004.