A general approach to securely querying XML

Ernesto Damiani; Majirus Fansi; Alban Gabillon; Stefania Marrara

A general approach to securely querying XML

Ernesto Damiani, Majirus Fansi, Alban Gabillon, Stefania Marrara

Electrical Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user view on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML dataset. The aim of this paper is to describe a general query rewriting technique to securely querying XML. The model specification is given using a Finite State Automata, ensuring generality and easiness of standardization w.r.t. specific implementation techniques.

Original language	British English
Title of host publication	Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007
Pages	115-122
Number of pages	8
State	Published - 2007
Event	5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007 - Funchal, Madeira, Portugal Duration: 12 Jun 2007 → 13 Jun 2007

Publication series

Name	Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007

Conference

Conference	5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007
Country/Territory	Portugal
City	Funchal, Madeira
Period	12/06/07 → 13/06/07

Cite this

Damiani, E., Fansi, M., Gabillon, A., & Marrara, S. (2007). A general approach to securely querying XML. In Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007 (pp. 115-122). (Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007).

Damiani, Ernesto ; Fansi, Majirus ; Gabillon, Alban et al. / A general approach to securely querying XML. Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007. 2007. pp. 115-122 (Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007).

@inproceedings{43d48a5136f94d1fbc01ab762ccf7030,

title = "A general approach to securely querying XML",

abstract = "Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user view on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML dataset. The aim of this paper is to describe a general query rewriting technique to securely querying XML. The model specification is given using a Finite State Automata, ensuring generality and easiness of standardization w.r.t. specific implementation techniques.",

author = "Ernesto Damiani and Majirus Fansi and Alban Gabillon and Stefania Marrara",

note = "Funding Information: This work was supported in part by the Italian Basic Research Fund (FIRB) within the TEKNE project and by funding from the French ministry for research under “ACI S{\'e}curit{\'e} Informatique 2003–2006. Projet CASC”. Majirus Fansi holds a Ph.D scholarship granted by the “Conseil G{\'e}n{\'e}ral des Landes”. ; 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007 ; Conference date: 12-06-2007 Through 13-06-2007",

year = "2007",

language = "British English",

isbn = "9789728865962",

series = "Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007",

pages = "115--122",

booktitle = "Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007",

}

Damiani, E, Fansi, M, Gabillon, A & Marrara, S 2007, A general approach to securely querying XML. in Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007. Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007, pp. 115-122, 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007, Funchal, Madeira, Portugal, 12/06/07.

A general approach to securely querying XML. / Damiani, Ernesto; Fansi, Majirus; Gabillon, Alban et al.
Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007. 2007. p. 115-122 (Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A general approach to securely querying XML

AU - Damiani, Ernesto

AU - Fansi, Majirus

AU - Gabillon, Alban

AU - Marrara, Stefania

N1 - Funding Information: This work was supported in part by the Italian Basic Research Fund (FIRB) within the TEKNE project and by funding from the French ministry for research under “ACI Sécurité Informatique 2003–2006. Projet CASC”. Majirus Fansi holds a Ph.D scholarship granted by the “Conseil Général des Landes”.

PY - 2007

Y1 - 2007

N2 - Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user view on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML dataset. The aim of this paper is to describe a general query rewriting technique to securely querying XML. The model specification is given using a Finite State Automata, ensuring generality and easiness of standardization w.r.t. specific implementation techniques.

AB - Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user view on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML dataset. The aim of this paper is to describe a general query rewriting technique to securely querying XML. The model specification is given using a Finite State Automata, ensuring generality and easiness of standardization w.r.t. specific implementation techniques.

UR - http://www.scopus.com/inward/record.url?scp=58149134211&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:58149134211

SN - 9789728865962

T3 - Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007

SP - 115

EP - 122

BT - Proceedings of the 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007

T2 - 5th International Workshop on Security in Information Systems - WOSIS 2007; In Conjunction with ICEIS 2007

Y2 - 12 June 2007 through 13 June 2007

ER -

A general approach to securely querying XML

Abstract

Publication series

Conference

Other files and links

Fingerprint

Cite this