Browse > Article

An XML Access Control Method through Filtering XPath Expressions  

Jeon Jae-myeong (공군 E-X 사업단)
Chung Yon Dohn (동국대학교 컴퓨터공학부)
Kim Myoung Ho (한국과학기술원 전산학과)
Lee Yoon Joon (한국과학기술원 전산학과)
Publication Information
Journal of KIISE:Databases / v.32, no.2, 2005 , pp. 193-203 More about this Journal
Abstract
XML (extensible Markup Language) is recognized as a standard of data representation and transmission on Internet. XPath is a standard for specifying parts of XML documents anda suitable language for both query processing and access control of XML. In this paper, we use the XPath expression for representing user queries and access control for XML. And we propose an access control method for XML, where we control accesses to XML documents by filtering query XPath expressions through access control XPath expressions. In the proposed method, we directly search XACT (XML Access Control Tree) for a query XPath expression and extract the access-granted parts. The XACT is our proposedstructure, where the edges are structural summary of XML elements and the nodes contain access-control information. We show the query XPath expressions are successfully filtered through the XACT by our proposed method, and also show the performance improvement by comparing the proposed method with the previous work.
Keywords
XPath; XML; Query Processing; Access Control; Security; Databases;
Citations & Related Records
연도 인용수 순위
  • Reference
1 J. M. Jeon, Y, D, Chung, Y. J. Lee and M. H. Kim 'Filtering of XPath Expressions for XML Access Control,' Technical Report (CS-TR-2004-199), Division of Computer Science, KAIST, 2004
2 S. Cho, S. Amer-Yahia, L. Lakshmanan, D. Srivastava 'LockX: A System for Efficiently Querying Secure XML,' In Proc. of the SIGMOD 2003 Conference, pp, 669, San Diago, CA, 2003
3 M. Murata, A. Tozawa, M. Kudo 'XML Access Control Using Static Analysis,' CCS 2003, pp. 73-84, Washington, DC, USA, 2003   DOI
4 M. Benedikt, W. Fan, G. Kuper 'Structural Properties of XPath Fragments,' ICDT 2003, pp. 79-95, Italy, January 2003
5 W3C, XML Path Language (XPath) Version 2.0, W3C Working Draft, 2003, http://www.w3.org/TR/2003/WD-XPath20-20030502/
6 S. Jajodia, P. Samarati, M.L. Sapino, V. S. Subrahmanian 'Flexible Support for Multiple Access Control Policies,' ACM Trans. On Database Systems, 26(2):214-260, June 2001   DOI   ScienceOn
7 W3C, XQuery: A Query Language for XML. W3C Working Draft, May 2003. http://www.w3.org/TR/2003/WD-xquery-20030502/
8 W3C, XML Key Management Specification (XKMS), W3C Note, March 2001. http://www.w3.org/TR/xkms/
9 W3C, XML-Signature Syntax and Processing, W3C Recommendation, February 2002. http://www.w3.org/TR/xmldsig-core/
10 W3C, SOAP Security Extensions: Digital Signature, W3C Note, February 2001. http://www.w3.org/TR/SOAP-dsig/
11 E. Bertino, S. Castano, E. Ferrari 'Securing XML documents with Author-X,' IEEE Internet Computing, 5(3):21-31, 2001   DOI   ScienceOn
12 W3C, XSL Transformations (XSLT) Version 1.0, W3C Recommendation, November 1999. http://www.w3.org/TR/xslt
13 T. Yu, D. Srivastava, L. Lakshmann, H. Jagadish 'Compressed Accessibility Map: Efficient Access Control for XML,' In Proc. of the 28th VLDB Conference, pp. 478-489, Hong Kong, China, 2002
14 S. Cho, S. Amer-Yahia, L. Lakshmanan, D. Srivastava 'Optimizing the Secure Evaluation of Twig Queries,' In Proc. of the 28thVLDB Conference, pp. 490-501, Hong Kong, China, 2002
15 E. Damiani, S. De Capitani di Vimercanti, S. Paraboschi, P. Samarati 'Securing XML Documents,' In Proc. of the 2000 Int'l Conference on Extending Database Technology (EDBT2000), pp 121-135, Germany, March 2000'
16 E. Damiani, S. De Capitani di Vimercanti, S. Paraboschi, P. Samarati 'Securing SOAP e-services,' IJIS 1:100-115, 2002   DOI
17 M. Kudo, S. Hada 'XML Document Security based on Provisional Authorization,' CCS 2000, pp. 87-96, Athens, Greece   DOI
18 G. Miklau, D. Suciu, 'Containment and equivalence for an Xpath fragment,' Proceedings of the twenty-first ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems, pp.65-76, 2002   DOI
19 OASIS, eXtensible Access control Markup Language(MACML) Version 1.0, OASIS Standard, February 2003. http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
20 http://www.nue.et-inf.uni-siegen.de/geuerpoll-mann/xml_security.html
21 OASIS, Security Assertion Markup Language (SAML) Version 1.1, OASIS Standard, http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
22 W3C, Canonical XML Version 1.0, W3C Recommendation, March 2001. http://www.w3.org/TR/xml-c14n