Pragmatic XML Access Control Using Off-the-Shelf RDBMS

Luo, Bo; Lee, Dongwon; Liu, Peng

doi:10.1007/978-3-540-74835-9_5

Cited by 6 publications

(7 citation statements)

References 41 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Theoretical work on access control has led to several frameworks for representing access control policies in flexible, fine-grained ways, e.g. [12,17,27]. Rather than assuming a particular policy model, such as DAC, MAC, or RBAC, these frameworks typically provide a way to represent access control rules (ACRs) [22] that may apply to individual users, roles, and groups, as well as to objects, fields, and collections of objects.…”

Section: Relational Access Control (Rac)mentioning

confidence: 99%

See 1 more Smart Citation

Relational access control with bivalent permissions in a social Web/collaboration architecture

Davies

Mintz

2010

2010 International Symposium on Collaborative Technologies and Systems

View full text Add to dashboard Cite

We describe an access control model that has been implemented in the web content management framework "Deme" (which rhymes with "team"). Access control in Deme is an example of what we call "bivalent relation object access control" (BROAC). This model builds on recent work by Giunchiglia et al. on relation-based access control (RelBAC), as well as other work on relational, flexible, fine-grained, and XML access control models. We describe Deme's architecture and review access control models, motivating our approach. BROAC allows for both positive and negative permissions, which may conflict with each other. We argue for the usefulness of defining access control rules as objects in the target database, and for the necessity of resolving permission conflicts in a social Web/collaboration architecture. After describing how Deme access control works, including the precedence relations between different permission types in Deme, we provide several examples of realistic scenarios in which permission conflicts arise, and show how Deme resolves them. Initial performance tests indicate that permission checking scales linearly in time on a practical Deme website.

show abstract

Section: Relational Access Control (Rac)mentioning

confidence: 99%

“…Relational access control (RAC) has been the subject of considerable study in contexts where fine-grained permissions must routinely be assigned, e.g. for XML documents [21,22,26,27]. But to our knowledge the RAC paradigm has not yet been recognized as a significant alternative for collaboration systems.…”

Section: Relational Access Control (Rac)mentioning

confidence: 99%

Relational access control with bivalent permissions in a social Web/collaboration architecture

Davies

Mintz

2010

2010 International Symposium on Collaborative Technologies and Systems

View full text Add to dashboard Cite

show abstract

“…Several researchers have proposed to use the mature relational database technology to store, secure and query XML data [1,5,6,11,12]. Although relational databases support table level and tuple level access control mechanism, they do not provide node-level restriction mechanisms for the hierarchical XML data.…”

Section: Introductionmentioning

confidence: 99%

A Rule-Based Relational XML Access Control Model in the Presence of Authorization Conflicts

Alwehaibi

Atay

2017

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

There is considerable amount of sensitive XML data stored in relational databases. It is a challenge to enforce node level fine-grained authorization policies for XML data stored in relational databases which typically support table and column level access control. Moreover, it is common to have conflicting authorization policies over the hierarchical nested structure of XML data. There are a couple of XML access control models for relational XML databases proposed in the literature. However, to our best knowledge, none of them discussed handling authorization conflicts with conditions in the domain of relational XML databases. Therefore, we believe that there is a need to define and incorporate effective fine-grained XML authorization models with conflict handling mechanisms in the presence of conditions into relational XML databases. We address this issue in this study.

show abstract

“…There are many algorithms proposed to secure native XML documents, such as [2], [4], [6], [9]. However, there are a few algorithms proposed to apply XML access control technique for XML documents stored in relational databases, such as [10], [11], and [15]. In [10], [11], the XML documents stored in relational database without using XML schema.…”

Section: Introductionmentioning

confidence: 99%

“…However, there are a few algorithms proposed to apply XML access control technique for XML documents stored in relational databases, such as [10], [11], and [15]. In [10], [11], the XML documents stored in relational database without using XML schema. The proposed technique in [15] used XML schema in storing XML documents in relational database, but it had the following drawbacks [14]:…”

Section: Introductionmentioning

confidence: 99%

Relational Storage for XML Rules

A.A¹

2012

IJWSA

View full text Add to dashboard Cite

Very few research works have been done on XML security over relational databases despite that XML became the de facto standard for the data representation and exchange on the internet and a lot of XML documents are stored in RDBMS. In [14], the author proposed an access control model for schema-based storage of XML documents in relational storage and translating XML access control rules to relational access control rules. However, the proposed algorithms had performance drawbacks. In this paper, we will use the same access control model of [14] and try to overcome the drawbacks of [14] by proposing an efficient technique to store the XML access control rules in a relational storage of XML DTD. The mapping of the XML DTD to relational schema is proposed in [7]. We also propose an algorithm to translate XPath queries to SQL queries based on the mapping algorithm in [7].

show abstract

Pragmatic XML Access Control Using Off-the-Shelf RDBMS

Cited by 6 publications

References 41 publications

Relational access control with bivalent permissions in a social Web/collaboration architecture

Relational access control with bivalent permissions in a social Web/collaboration architecture

A Rule-Based Relational XML Access Control Model in the Presence of Authorization Conflicts

Relational Storage for XML Rules

Contact Info

Product

Resources

About