Optimizing Tree Pattern Queries over Secure XML Databases

  • Hui Wang
  • Divesh Srivastava
  • Laks V. S. Lakshmanan
  • SungRan Cho
  • Sihem Amer-Yahia
Part of the Advances in Information Security book series (ADIS, volume 33)

Abstract

The rapid emergence of XML as a standard for data representation and exchange over the Web has sparked considerable interest in models and efficient mechanisms for controlled access, especially using queries, to information represented in XML (see, e.g., [3],[5]–[7],[11]–[13],[31]).

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Martin Abadi and Bogdan Warinschi. Security analysis of cryptographically controlled access to xml documents. Symposium on Principles of Database Systems(PODS), 2005.Google Scholar
  2. 2.
    Chutiporn Anutariya, Somchai Chatvichienchai, Mizuho Iwaihara, and Yahiko Kambayashi Vilas Wuwongse. A rule-based xml access control model. International Conference on Rules and Rule Markup Languages for the Semantic Web(RuleML), 2003.Google Scholar
  3. 3.
    Elisa Bertino, M. Braun, Silvana Castano, Elena Ferrari, and Marco Mesiti. Authorx: A java-based system for xml data protection. IFIP Working Conf. Database Security, 2000.Google Scholar
  4. 4.
    Elisa Bertino, Silvana Castano, and Elena Ferrari. On specifying security policies for web documents with an xml-based language. ACM Symposium on Access Control Models and Technologies (SACMAT), 2001.Google Scholar
  5. 5.
    Elisa Bertino, Silvana Castano, and Elena Ferrari. Securing xml documents with author-x. IEEE Internet Computing, 2001.Google Scholar
  6. 6.
    Elisa Bertino, Silvana Castano, Elena Ferrari, and Marco Mesiti. Controlled access and dissemination of xml documents. Workshop on Web Information and Data Management, 1999.Google Scholar
  7. 7.
    Elisa Bertino, Silvana Castano, Elena Ferrari, and Marco Mesiti. Specifying and enforcing access control policies for xml document sources. World Wide Web Journal, 2000.Google Scholar
  8. 8.
    Elisa Bertino and Elena Ferrari. Secure and selective dissemination of xml documents. ACM Transactions on Information and System Security (TISSEC), 2002.Google Scholar
  9. 9.
    Biomedical database, http://www.cs.washington.edu/-research/xmldatasets/www/repository.html.Google Scholar
  10. 10.
    Luc Bouganim, Francois Dang Ngoc, and Philippe Pucheral. Client-based access control management for xml documents. Very Large Database (VLDB), 2004.Google Scholar
  11. 11.
    SungRan Cho, Sihem Amer-Yahia, Laks V. S. Lakshmanan, and Divesh Srivastava. Optimizing the secure evaluation of twig queries. Very Large Database (VLDB), 2002.Google Scholar
  12. 12.
    Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, and Pierangela Samarati. Design and implementation of an access control processor for xml documents. Computer Networks, 2000.Google Scholar
  13. 13.
    Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, and Pierangela Samarati. Securing xml documents. International Conference on Extending Database Technology(EDBT), 2000.Google Scholar
  14. 14.
    Ernesto Damiani, Sabrina De Capitani di Vimercati, Stefano Paraboschi, and Pierangela Samarati. Xml access control systems: A component-based approach. Informatica, 2002.Google Scholar
  15. 15.
    Wenfei Fan, Chee Yong Chan, and Minos N. Garofalakis. Secure xml querying with security views. Special Interest Group on Management of Data(SIGMOD), 2004.Google Scholar
  16. 16.
    Irini Fundulaki and Maarten Marx. Specifying access control policies for xml documents with xpath. ACM Symposium on Access Control Models and Technologies (SACMAT), 2004.Google Scholar
  17. 17.
    Abhilash Gummadi, Jong P. Yoon, Biren Shah, and Vijay Raghavan. A bitmap-based access control for restricted views of xml documents. ACM Workshop on XML Security, 2003.Google Scholar
  18. 18.
    IBM XML generator, http://www.alphaworks.ibm.com/tech/xmlgenerator.Google Scholar
  19. 19.
    Michiharu Kudo and Satoshi Hada. Xml document security based on provisional authorization. ACM Conf. Computer and Communications Security, 2000.Google Scholar
  20. 20.
    Gabriel Kuper, Fabio Massacci, and Nataliya Rassadko. Generalized xml security views. ACM Symposium on Access Control Models and Technologies (SACMAT), 2005.Google Scholar
  21. 21.
    Bo Luo, Dongwon Lee, Wang-Chien Lee, and Peng Liu. Qfilter: Fine-grained run-time xml access control via nfa-based query rewriting. Conference on Information and Knowledge Management(CIKM), 2004.Google Scholar
  22. 22.
    Gerome Miklau and Dan Suciu. Containment and equivalence for an xpath fragment. Symposium on Principles of Database Systems(PODS), 2002.Google Scholar
  23. 23.
    Gerome Miklau and Dan Suciu. Controlling access to published data using cryptography. Very Large Database (VLDB), 2003.Google Scholar
  24. 24.
    Makoto Murata, Akihiko Tozawa, and Michiharu Kudo. Xml access control using static analysis. ACM Conference on Computer and Communications Security (CCS), 2003.Google Scholar
  25. 25.
    United States Government Bills, http://xml.house.gov.Google Scholar
  26. 26.
    Hui Wang, Divesh Srivastava, Laks V.S. Lakshmanan, SungRan Cho, and Sihem Amer-Yahia. Optimizing tree pattern queries over secure xml databases: Full paper. http://www.cs.ubc.ca/~hwang/accesscontrol/proof.pdf, 2005.Google Scholar
  27. 27.
    Jingzhu Wang and Sylvia L. Osborn. A role-based approach to access control for xml databases. ACM Symposium on Access Control Models and Technologies (SACMAT), 2004.Google Scholar
  28. 28.
    Peter Wood. Containment for xpath fragments under dtd constraints. International Conference on Database Theory(ICDT), 2003.Google Scholar
  29. 29.
    XALAN, http://xml.apache.org.Google Scholar
  30. 30.
    XMark, http://monetdb.cwi.nl/xml/.Google Scholar
  31. 31.
    Ting Yu, Divesh Srivastava, Laks V.S. Lakshmanan, and H. V. Jagadish. A compressed accessibility map for xml. ACM Transactions on Database Systems, 2004.Google Scholar
  32. 32.
    Huaxin Zhang, Ning Zhang, Kenneth Salem, and Donghui Zhuo. Compact access control labeling for efficient secure xml query evaluation. International Workshop on XML Schema and Data Management(XSDM), 2005.Google Scholar

Copyright information

© Springer Science+Business Media, LLC 2007

Authors and Affiliations

  • Hui Wang
    • 1
  • Divesh Srivastava
    • 2
  • Laks V. S. Lakshmanan
    • 1
  • SungRan Cho
    • 3
  • Sihem Amer-Yahia
    • 2
  1. 1.Department of Computer ScienceUniversity of British ColumbiaColumbia
  2. 2.AT&T Labs-ResearchUSA
  3. 3.L3S Research CenterUniversity of HannoverHannover

Personalised recommendations