Secure and selective dissemination of XML documents

Bertino, Elisa; Ferrari, Elena

doi:10.1145/545186.545190

Cited by 262 publications

(222 citation statements)

References 17 publications

Supporting

Mentioning

220

Contrasting

Unclassified

Order By: Relevance

“…Many proposals on access control mechanisms have been presented in both database literature [9,11,10,12,22] and XML area [3,5,7]. There are however few proposals on access controls across heterogeneous data models, and the most related works are those on secure XML federations [27] and XML security models using relational databases [13].…”

Section: Related Workmentioning

confidence: 99%

Secure Model Management Operations for the Web

Song

Zhang

Thuraisingham

et al. 2005

Data and Applications Security XIX

View full text Add to dashboard Cite

Abstract.The interoperability among different data formats over the Internet has drawn increasing interest recently due to more and more heterogeneous data models are used in different Web services. In order to ease the manipulation of data models for heterogeneous data, generic model management has been intensively researched and also implemented in a prototype since its first introduction. Access control specifications attached to each individual data model require significant amount of efforts to manually specify. Based on a general security model for access control specifications on heterogeneous data models and its visual representation, we present secure model management operators for managing access control specifications.The secure model management operators disccussed in the paper include a secure match operator and a secure merge operator. We introduce a novel graphical schema matching algorithm and extend the algorithm to make a secure match operator. The paper also discusses secure merge principles for the integration of data models.

show abstract

Section: Related Workmentioning

confidence: 99%

Secure Model Management Operations for the Web

Song

Zhang

Thuraisingham

et al. 2005

Data and Applications Security XIX

View full text Add to dashboard Cite

show abstract

“…Recently, many access control methods extending the XML model to incorporate security aspects have been proposed (e.g., XACML [11], [6], [2], [23]). To the lesser or greater extent, however, such proposals neglect the fact that the most data for XML documents still reside in relational databases behind the scenes, and consequently do not utilize various security models that have been proposed for and implemented in relational databases.…”

Section: Xmlmentioning

confidence: 99%

“…In [6], the model proposed in [7] is extended by enriching the authorization types supported by the model, providing a complete description of the specification and enforcement mechanism. Among comparable proposals, in [2], an access control environment for XML documents and some techniques to deal with authorization priorities and conflict resolution issues are proposed. Finally, the use of authorization priorities with propagation and overriding, which is an important aspect of XML access control may recall approaches in the context of object-oriented databases, like [9] and [18].…”

Section: Xml and Relational Security Modelsmentioning

confidence: 99%

Supporting XML Security Models Using Relational Databases: A Vision

Lee

Liu

2003

Database and XML Technologies

View full text Add to dashboard Cite

Abstract. As the secure distribution and sharing of information over the World Wide Web becomes increasingly important, the needs for flexible and efficient support of access control systems naturally arise. Since the eXtensible Markup Language (XML) is emerging as the format of the Internet era for storing and exchanging information, there have been, recently, many proposals to extend the XML model to incorporate security aspects. To the lesser or greater extent, however, such proposals neglect the fact that the data for XML documents will most likely reside in relational databases, and consequently do not utilize various security models proposed for and implemented in relational databases. In this paper, we take a rather different approach. We explore how to support security models for XML documents by leveraging on techniques developed for relational databases. More specifically, in our approach, (1) Users make XML queries against the given XML view/schema, (2) Access controls for XML data are also specified in the XML model, but (3) Data are stored in relational databases, and (4) Security check and query evaluation are also done in relational databases. Instead of re-inventing wheels, we take two representative methods in both XML security model and XML to relational conversion problems, and show how to glue them together in a seamless manner to efficiently support access controls for the XML model using relational databases.

show abstract

“…Recently, many proposals focusing on XML security models or enforcement mechanisms have appeared (e.g., XACML, [3], [1]). However, XML query processing issues using indices in dealing with secure XML data has gotten little attention.…”

Section: Introductionmentioning

confidence: 99%

“…[3] extends [4] by enriching the supported authorization types, providing a complete description of specification and enforcement mechanism. In [1], an access control environment for XML documents and techniques to deal with authorization priorities and conflict resolution issues are proposed. We base our approach on XISS [6].…”

Section: Introductionmentioning

confidence: 99%

Security-Conscious XML Indexing

Xiao

Luo

Lee

Advances in Databases: Concepts, Systems and Applications

View full text Add to dashboard Cite

Abstract.To support secure exchanging and sharing of XML data over the Internet, a myriad of XML access control mechanisms have been proposed. In the setting of node-level fine-grained access control, query evaluation is a process of locating XML nodes that (1) satisfy query constraints, and (2) do not violate security policies. In this regard, we propose and empirically validate a suite of XML indices for multi-level XML security model.

show abstract

Secure and selective dissemination of XML documents

Cited by 262 publications

References 17 publications

Secure Model Management Operations for the Web

Secure Model Management Operations for the Web

Supporting XML Security Models Using Relational Databases: A Vision

Security-Conscious XML Indexing

Contact Info

Product

Resources

About