A general approach to securely querying XML

Ernesto Damiani, Majirus Fansi, Alban Gabillon, Stefania Marrara

Research output: Contribution to journalArticlepeer-review

28 Scopus citations

Abstract

XML access control requires the enforcement of highly expressive access control policies to support schema-, document and object-specific protection requirements. Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user views on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML data set. The pros and cons for these approaches have been widely discussed in the framework of XML access control standardization activities. The aim of this paper is to describe a model combining the advantages of these approaches and overcoming their limitations, suitable as the basis of a standard technique for XML access control enforcement. The model specification is given using a Finite State Automata, ensuring generality w.r.t. specific implementation techniques.

Original languageBritish English
Pages (from-to)379-389
Number of pages11
JournalComputer Standards and Interfaces
Volume30
Issue number6
DOIs
StatePublished - Aug 2008

Keywords

  • DFA
  • Security enforcement
  • XML
  • XPath
  • XUpdate

Fingerprint

Dive into the research topics of 'A general approach to securely querying XML'. Together they form a unique fingerprint.

Cite this