Abstract
Recently, an urgent need for XML access control mechanism over World Wide Web has been felt. Moreover, an efficient dynamic labeling scheme is required in order to eliminate the re-labeling process of existing XML nodes during XML document updating. However, the previous research on access control mechanisms for XML documents has not addressed the issue of integrating access control with a dynamic labeling scheme. In this paper, we propose an XML access control mechanism integrated with EXEL encoding and labeling scheme to eliminate the re-labeling process for updating the well-formed XML documents. The key idea is to regard an authorization as a query condition to be satisfied. Therefore, the benefit of speeding up searching and querying processes is obtained by employing such a labeling scheme in our proposed access control mechanism.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bray, T., Paoli, J., Sperberg-McQueen, C.M., Maler, E., Yergeau, F.: Extensible Markup Language (XML) 1.0. W3C Recommendation, 10th edn. (2008), http://www.w3.org/TR/REC-xml/
Clark, J., DeRose, S.: XML Path Language (XPath) Version 1.0 (1999), http://www.w3.org/TR/xpath/
Boag, S., Chamberlin, D., Fernández, M.F., Florescu, D., Robie, J., Siméon, J.: XQuery 1.0: An XML Query Language (2007), http://www.w3.org/TR/xquery/
Li, Q., Moon, B.: Indexing and Querying XML Data for Regular Path Expressions. In: Proceedings of the 27th International Conference on Very Large Data Bases, pp. 361–370. Morgan Kaufmann, Roma (2001)
Zhang, C., Naughton, J., DeWitt, D., Luo, Q., Lohman, G.: On Supporting Containment Queries in Relational Database Management Systems. ACM SIGMOD Record Journal 30(2), 425–436 (2001)
Tatarinov, I., Viglas, S.D., Beyer, K., Shanmugasundaram, J., Shekita, E., Zhang, C.: Storing and Querying Odered XML Using a Relational Database System. In: Proceedings of the 2002 ACM SIGMOD International Conference on Management of Data, pp. 204–215. ACM Press, Madison (2002)
Min, J.-K., Lee, J., Chung, C.-W.: An Efficient XML Encoding and Labeling Method for Query Processing and Updating on Dynamic XML Data. Journal of Systems and Software 82(3), 503–515 (2009)
Min, J.-K., Lee, J.-H., Chung, C.-W.: An Efficient Encoding and Labeling for Dynamic XML Data. In: Kotagiri, R., Radha Krishna, P., Mohania, M., Nantajeewarawat, E. (eds.) DASFAA 2007. LNCS, vol. 4443, pp. 715–726. Springer, Heidelberg (2007)
Mirabi, M., Ibrahim, H., Mamat, A., Udzir, N.I., Fathi, L.: Controlling Label Size Increment of Efficient XML Encoding and Labeling Scheme in Dynamic XML Update. Journal of Computer Science 6(12), 1529–1534 (2010)
Bertino, E., Castano, S., Ferrari, E., Mesiti, M.: Specifying and Enforcing Access Control Policies for XML Document Sources. Journal of World Wide Web 3(3), 139–151 (2000)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Securing XML Documents. In: Zaniolo, C., Grust, T., Scholl, M.H., Lockemann, P.C. (eds.) EDBT 2000. LNCS, vol. 1777, pp. 121–135. Springer, Heidelberg (2000)
Damiani, E., di Vimercati, S.D.C., Paraboschi, S., Samarati, P.: A Fine-Grained Access Control System for XML Documents. Journal of ACM Transactions on Information and System Security (TISSEC) 5(2), 169–202 (2002)
Jo, S.-M., Kim, K.-T., Kouh, H.-J., Yoo, W.-H.: Access Authorization Policy for XML Document Security. In: Chen, G., Pan, Y., Guo, M., Lu, J. (eds.) ISPA-WS 2005. LNCS, vol. 3759, pp. 589–598. Springer, Heidelberg (2005)
Jo, S.-M., Yang, C.-M., Yoo, W.-H.: XML Access Control for Security and Memory Management. In: Alford, M.W., Hommel, G., Schneider, F.B., Ansart, J.P., Lamport, L., Mullery, G.P., Zhou, T.H. (eds.) Distributed Systems. LNCS, vol. 190, pp. 179–189. Springer, Heidelberg (1985)
Lee, J.-G., Whang, K.-Y., Han, W.-S., Song, I.-Y.: The Dynamic Predicate: Integrating Access Control with Query Processing in XML Databases. The VLDB Journal 16(3), 371–387 (2007)
Murata, M., Tozawa, A., Kudo, M., Hada, S.: XML Access Control Using Static Analysis. Journal of ACM Transactions on Information and System Security (TISSEC) 9(3), 292–324 (2006)
Fan, W., Chan, C.-Y., Garofalakis, M.: Secure XML Querying with Security Views. In: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 587–598. ACM Press, Paris (2004)
Damiani, E., Fansi, M., Gabillon, A., Marrara, S.: A General Approach to Securely Querying XML. Journal of Computer Standards & Interfaces 30(6), 379–389 (2008)
Rassadko, N.: Query Rewriting Algorithm Evaluation for XML Security Views. In: Jonker, W., Petković, M. (eds.) SDM 2007. LNCS, vol. 4721, pp. 64–80. Springer, Heidelberg (2007)
Rassadko, N.: Policy Classes and Query Rewriting Algorithm for XML Security Views. In: Damiani, E., Liu, P. (eds.) Data and Applications Security 2006. LNCS, vol. 4127, pp. 104–118. Springer, Heidelberg (2006)
Damiani, E., Fansi, M., Gabillon, A., Marrara, S.: Securely Updating XML. In: Apolloni, B., Howlett, R.J., Jain, L. (eds.) KES 2007, Part III. LNCS (LNAI), vol. 4694, pp. 1098–1106. Springer, Heidelberg (2007)
Luo, B., Lee, D., Lee, W.-C., Liu, P.: QFilter: Fine-Grained Run-Time XML Access Control via NFA-based Query Rewriting. In: Proceedings of the Thirteenth ACM International Conference on Information and Knowledge Management, pp. 543–552. ACM Press, Washington, D.C., USA (2004)
Byun, C., Park, S.: Two Phase Filtering for XML Access Control. In: Jonker, W., Petković, M. (eds.) SDM 2006. LNCS, vol. 4165, pp. 115–130. Springer, Heidelberg (2006)
Byun, C., Park, S.: An Efficient Yet Secure XML Access Control Enforcement by Safe and Correct Query Modification. In: Bressan, S., Küng, J., Wagner, R. (eds.) DEXA 2006. LNCS, vol. 4080, pp. 276–285. Springer, Heidelberg (2006)
Tan, K.-L., Lee, M.L., Wang, Y.: Access Control of XML Documents in Relational Database Systems. In: Proceedings of the International Conference on Internet Computing, pp. 185–191. CSREA Press, Las Vegas (2001)
Kuper, G., Massacci, F., Rassadko, N.: Generalized XML security views. International Journal of Information Security 8(3), 173–203 (2009)
Kuper, G., Massacci, F., Rassadko, N.: Generalized XML security views. In: Proceedings of the 10th ACM Symposium on Access Control Models and Technologies, pp. 77–84. ACM Press, Stockholm (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mirabi, M., Ibrahim, H., Mamat, A., Udzir, N.I. (2011). Integrating Access Control Mechanism with EXEL Labeling Scheme for XML Document Updating. In: Fong, S. (eds) Networked Digital Technologies. NDT 2011. Communications in Computer and Information Science, vol 136. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22185-9_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-22185-9_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22184-2
Online ISBN: 978-3-642-22185-9
eBook Packages: Computer ScienceComputer Science (R0)