Efficient Access Control Labeling for Secure Query Processing on Dynamic XML Data Streams

동적 XML 데이타 스트링의 안전한 질의 처리를 위한 효율적인 접근제어 레이블링

  • 안동찬 (서강대학교 컴퓨터공학과) ;
  • 박석 (서강대학교 컴퓨터공학과)
  • Published : 2009.06.15

Abstract

Recently, the needs for an efficient and secure access control method of dynamic XML data in a ubiquitous data streams environment have become an active research area. In this paper, we proposed an improved role-based prime number labeling scheme for an efficient and secure access control labeling method in dynamic XML data streams. And we point out the limitations of existing access control and labeling schemes for XML data assuming that documents are frequently updated. The improved labeling method where labels are encoded ancestor-descendant and sibling relationships between nodes but need not to be regenerated when the document is updated. Our improved role-based prime number labeling scheme supports an infinite number of updates and guarantees the arbitrary nodes insertion at arbitrary position of the XML tree without label collisions. Also we implemented an efficient access control using a role-based prime number labeling. Finally, we have shown that our approach is an efficient and secure through experiments.

유비쿼터스 데이타 스트림 환경에서 동적 XML 데이타 스트림에 대한 효율적이고 안전한 접근제어 기법은 최근에 활발한 연구분야가 되어왔다. 본 논문에서 동적 XML 데이타 스트림 환경에서 효율적이고 안전한 접근제어를 위한 향상된 롤-기반 소수 레이블링 기법을 제안한다. 또한 지속적으로 갱신되는 XML 문서의 효율적인 레이블링 기법과 효율적이고 안전한 접근제어를 위한 기존연구의 문제점을 지적한다. 제안하는 향상된 레이블링 기법은 문서가 갱신될 때 다시 레이블링 하지 않고도 노드 사이의 조상-후손 관계와 형제 관계를 유지할 수 있으며, 레이블의 충돌 없이 XML 트리에 임의의 지속적인 노드 삽입 또는 갱신을 지원한다. 또한, 롤-기반 소수 레이블링 기법을 통해 효율적인 접근제어를 구현하였다. 끝으로 본 논문의 제안 방법이 효율적이고 안전함을 실험을 통해 보여줄 것이다.

Keywords

References

  1. S. Berglund, D. Boag, M.F. Chamberlin, et al, 'XML path language (XPath) 2.0,' W3C working draft 16. Technical Report WD-xpath20-20020816, World Wide Web Consortium, 2002
  2. S. Boag, D. Chamberlin, M. F. Fernandez, D. Florescu, J. Robie, and J Simon, 'XQuery 1.0: An XML Query Language,' W3C Working Draft 16. Technical Report WD-xquery-20020816, World Wide Web Consortium, 2002
  3. B. Babcock, S. Babu, M. Datar, R. Motwani, and J. Widom, 'Models and Issues in Data Stream Systems,' In PODS(Symposium on Principles of Database Systems), 2002 https://doi.org/10.1145/543613.543615
  4. B. Carminati, E. Ferrari, K. L. Tan, Specifying Access Control Policies on Data Streams Outsourced Data, In DASFAA(Database Systems for Advanced Applications), 2006
  5. C. Li, T.W. Ling, 'QED: A Novel Quaternary Encoding to Completely Avoid Re-labeling in XML Updates,' In CIKM(ACM Conference on Information and Knowledge Management), 2005 https://doi.org/10.1145/1099554.1099692
  6. C. Li, T. W. Ling, M. Hu, 'Efficient Processing of Updates in Dynamic XML Data,' In ICDE(IEEE International Conference on Data Engineering), 2006 https://doi.org/10.1109/ICDE.2006.58
  7. P.E. O'Neil, E.J. O'Neil, S. Pal, I. Cseri, et a1. 'ORDPATHs: Insert-Friendly XML Node Labels,' In SIGMOD(ACM International Conference on Management of Data), 2004 https://doi.org/10.1145/1007568.1007686
  8. J. Xu, Z. Li, Y. Wang, R. Yao, 'An Efficient Encoding and Labeling Scheme for Dynamic XML. Data,' In DEXA(International Conference on Database and Expert Systems Applications), 2007 https://doi.org/10.1007/978-3-540-74469-6_16
  9. E. Bertino, S. Castano, E. Ferrari, and M. Mesiti, 'Specifying and Enforcing Access Control Policies for XML Document Sources,' In WWW Journal, 2000 https://doi.org/10.1023/A:1019289831564
  10. E. Bertino and E. Ferrari, Secure and Selective 'Dissemination of XML Documents,' In TISSEC (ACM Transactions on Information and System Security), Vol.5, No.3, 2002 https://doi.org/10.1145/545186.545190
  11. E. Damiani, S. Vimercati, et. al. 'Securing XML Document,' In EDBT(International Conference on Extending Database Technology), 2000 https://doi.org/10.1007/3-540-46439-5_8
  12. E. Damiani, S. Vimercati, et. al., 'Access Control System for XML. Documents,' In TISSEC(ACM Transactions on Information and System Security), Vo1.5, No.2, 2002 https://doi.org/10.1145/505586.505590
  13. M. Murata, A. Tozawa, and M. Kudo, 'XML Access Control Using Static Analysis,' In CCS (CAM Conference on Computer and Communications Security), 2003 https://doi.org/10.1145/948109.948122
  14. B. Luo, D. W. Lee, W. C. Lee, and P. Liu, 'Qfilter: Fine-grained Run-Time XML Access Control via NFA-based Query Rewriting,' In CIKM(ACM Conference on Information and Knowledge Management), 2004 https://doi.org/10.1145/1031171.1031273
  15. http://www.w3.org/TR/xml-fragment
  16. S. Bose, L. Fegaras, 'XFrag: A Query Processing Framework for Fragmented XML Data,' In Web and Databases, 2005
  17. H. Huo, G. Wang, X. Hui, R. Z. BoNing, and C. Xiao, 'Efficient Query Processing for Streamed XML Fragments,' In DASFAA(Database Systems for Advanced Applications), 2006 https://doi.org/10.1007/11733836_33
  18. W. Fan, I. Fundulaki, F. Geerts, X. Jia, A. Kementsietsidis, 'A View Based Security Framework for XML,' In AHM(All Hands Meeting Home), 2006
  19. J. Lu, T. Wang Ling, 'Labeling and Querying Dynamic XML Trees,' In APWeb(Asia-Pacific Web Conference), 2004
  20. X. Wu, M. Li, L. Hsu, 'A Prime Number Labeling Scheme for Dynamic Ordered XML Trees,' In ICDE(IEEE International Conference on Data Engineering), 2004
  21. A. Schmidt, F. Waas, M. Kersten, M. J. Carey, I. Manolescu, R. Busse, 'XMark: A Benchmark for XML Data Management,' In VLDB(Very Large Data Base), 2002