XML Security Views Revisited

Groz, Benoît; Staworko, Sławek; Caron, Anne-Cécile; Roos, Yves; Tison, Sophie

doi:10.1007/978-3-642-03793-1_4

Cited by 7 publications

(5 citation statements)

References 23 publications

(36 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We should emphasize that in case of recursive DTDs, the view generation is not always guaranteed [14]. More specifically, hiding some information from the DTD may result in a context-free grammar that cannot be captured with a regular grammar 6 .…”

Section: View Generatormentioning

confidence: 99%

“…To address such security issues, there has been a host of work [10,11,12,14,15,16] that proposed various models and mechanisms to secure access to XML data. Most of these proposals are based on the concepts of: 1) security view that shows for each group of users all and only the information they are granted access to; and 2) query rewriting which is used in order to avoid costs of views materialization and maintenance by rewriting each query on the view into an equivalent one on the underlying document (i.e.…”

Section: Introductionmentioning

confidence: 99%

“…Regular XPath is more expressive than XPath and allows definition of recursive paths. The use of this language to secure XML data has been more studied in [12,14]. However, Regular XPath based solutions still a theoretical achievement and may be impractical since rewriting of Regular XPath expressions may be of exponential cost.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

SVMAX

Mahfoud¹,

Imine²,

Rusinowitch³

2013

Proceedings of the 17th International Database Engineering &Amp; Applications Symposium on - IDEAS '13

View full text Add to dashboard Cite

It is increasingly common to find XML views used to enforce access control as found in many applications and commercial database systems. To overcome the overhead of view materialization and maintenance, XML views are necessarily virtual. With this comes the need for answering XML queries posed over virtual views, by rewriting them into equivalent queries on the underlying documents. A major concern here is that query rewriting for recursive XML views is still an open problem, and proposed approaches deal only with nonrecursive XML views. Moreover, a small number of works have studied the access rights for updates. In this paper, we present SVMAX (Secure and Valid MAnipulation of XML), the first system that supports specification and enforcement of both read and update access policies over arbitrary XML views (recursive or non). SVMAX defines general and expressive models for controlling access to XML data using significant class of XPath queries and in the presence of the update primitives of W3C XQuery Update Facility. Furthermore, SVMAX features an additional module enabling efficient validation of XML documents after primitive updates of XQuery. The wide use of W3C standards makes of SVMAX a useful system that can be easily integrated within commercial database systems as we will show. We give extensive experimental results, based on real-life DTDs, that show the efficiency and scalability of our system.

show abstract

Section: View Generatormentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

SVMAX

Mahfoud¹,

Imine²,

Rusinowitch³

2013

Proceedings of the 17th International Database Engineering &Amp; Applications Symposium on - IDEAS '13

View full text Add to dashboard Cite

show abstract

“…To identify the visible nodes we use annotations. They are commonly used, for instance, to specify security views of XML documents [9,10]. Typically, they accompany DTDs, but here we introduce them independently of the DTD.…”

Section: Preliminariesmentioning

confidence: 99%

“…We consider XML views obtained by removing selected parts of the document only. This class of views does not allow any restructuring of the data, however, it has various practical applications of which secure access to XML databases is one prominent example [9,10]. The considered update operations are inserting and deleting a subtree.…”

Section: Introductionmentioning

confidence: 99%

The view update problem for XML

Staworko

Boneva

Groz

2010

Proceedings of the 2010 EDBT/ICDT Workshops

Self Cite

View full text Add to dashboard Cite

International audienceWe study the problem of update propagation across views in the setting where both the view and the source database are XML documents. We consider a simple class of XML views that remove selected parts of the source document. The considered update operations permit to insert and delete subtrees of the document. We focus on constructing propagations that are 1) schema compliant i.e., when applied to the source document they give a document that satisfies the document schema; 2) side-effect free i.e., the view of the new source document is exactly as the result of applying the user update to the old view. We present a special structure allowing to capture all such propagations. We also show how to use this structure to capture only those propagations that affect minimally the parts of the document which are not visible in the view. Finally, we present a general outline of a polynomial algorithm constructing a unique propagation

show abstract

On Securely Manipulating XML Data

Mahfoud

Imine

2013

Foundations and Practice of Security

View full text Add to dashboard Cite

XML Security Views Revisited

Cited by 7 publications

References 23 publications

SVMAX

SVMAX

The view update problem for XML

On Securely Manipulating XML Data

Contact Info

Product

Resources

About