Generalized XML Security Views

IRIS

We investigate a generalization of the notion of XML security view introduced by Stoica and Farkas [22] and later refined by Fan et al. [12]. The model consists of access control policies specified over DTDs with XPath expression for data-dependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that can be used by users for query formulation and optimization. Then we show an algorithm to materialize authorized" version of the document from the view and an algorithm to construct the view from an access control specification. We show that our view construction combined with materialization produces the same result as the direct application of the DTD access specification on the document. To avoid the overhead of view materialization in query answering

Generalized XML Security Views / Kuper, Gabriel; Massacci, Fabio; Rassadko, Nataliya. - ELETTRONICO. - (2005), pp. 1-41.

Generalized XML Security Views

Kuper, Gabriel;Massacci, Fabio;Rassadko, Nataliya

2005-01-01

Abstract

We investigate a generalization of the notion of XML security view introduced by Stoica and Farkas [22] and later refined by Fan et al. [12]. The model consists of access control policies specified over DTDs with XPath expression for data-dependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that can be used by users for query formulation and optimization. Then we show an algorithm to materialize authorized" version of the document from the view and an algorithm to construct the view from an access control specification. We show that our view construction combined with materialization produces the same result as the direct application of the DTD access specification on the document. To avoid the overhead of view materialization in query answering

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
			2005
		
	Luogo di edizione (Place of publication)
	
			Trento
		
	Casa editrice (Publisher)
	
			Università degli Studi di Trento - Dipartimento di Informatica e Telecomunicazioni
		
	Citazione
	
			Generalized XML Security Views / Kuper, Gabriel; Massacci, Fabio; Rassadko, Nataliya. - ELETTRONICO. - (2005), pp. 1-41.
		
	Tutti gli autori
	
			Kuper, Gabriel; Massacci, Fabio; Rassadko, Nataliya
		
	Appare nelle tipologie:
	
			07.2 Altre pubblicazioni (Other types of publications)

File in questo prodotto:

File	Dimensione	Formato
DIT-05-061.pdf accesso aperto Tipologia: Versione editoriale (Publisher’s layout) Licenza: Tutti i diritti riservati (All rights reserved) Dimensione 345.28 kB Formato Adobe PDF Visualizza/Apri	345.28 kB	Adobe PDF	Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/358005

Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni

ND

ND

ND

social impact