Filters








1,525 Hits in 4.3 sec

Static analysis of XML security views and query rewriting

Benoît Groz, Sławomir Staworko, Anne-Cecile Caron, Yves Roos, Sophie Tison
2014 Information and Computation  
Next, we investigate problems of static analysis of security access specifications (SAS): we introduce the novel class of interval-bounded SAS and we define three different manners to compare views (i.e  ...  First, we study query rewriting with views when the classes used to defined queries and views are Regular XPath and MSO.  ...  Acknowledgements: The authors thank Iovka Boneva and Yves André for fruitful discussions on access control and security views.  ... 
doi:10.1016/j.ic.2014.07.003 fatcat:cyqy62r7o5c3fbqk7lzxkrdtvq

Graph Matching Based Authorization Model for Efficient Secure XML Querying

Seunghan Chang, Artem Chebotko, Shiyong Lu, Farshad Fotouhi
2007 21st International Conference on Advanced Information Networking and Applications Workshops (AINAW'07)  
for partially acceptable queries only if necessary, along with the features of optimization and speed-up for query rewriting by introducing an index structure.  ...  XML is rapidly emerging as a standard for data representation and exchange over the World Wide Web and an increasing amount of sensitive business data is processed in the XML format.  ...  Rewriting is necessary only for partially acceptable queries. Although similar static analysis technique has been proposed by Murata et al.  ... 
doi:10.1109/ainaw.2007.195 dblp:conf/aina/ChangCLF07 fatcat:k4efijwiqzfclhxtpyawlzuebi

QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata

Bo Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu
2010 The VLDB journal  
QFilter is based on non-deterministic finite automata (NFA) and rewrites user's queries such that parts violating access control rules are pre-pruned.  ...  In this paper, we ask whether XML access control can be supported when underlying (XML or relational) storage system does not provide adequate security features and propose three alternative solutions  ...  Inspired by security view and query rewriting, a more recent work [14] annotates XML schema with access rights and converts it into a finite state automaton to rewrite queries.  ... 
doi:10.1007/s00778-010-0202-x fatcat:eo2dwrn2lvcoteplm3xy3mmbiu

QFilter

Bo Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu
2004 Proceedings of the Thirteenth ACM conference on Information and knowledge management - CIKM '04  
view-based approaches that are often expensive to create and maintain; or (3) impractical proposals that require substantial security-related support from underlying XML databases.  ...  At present, most of the state-of-the-art solutions for XML access controls are either (1) document-level access control techniques that are too limited to support fine-grained security enforcement; (2)  ...  static analysis methods.  ... 
doi:10.1145/1031171.1031273 dblp:conf/cikm/LuoLLL04 fatcat:e5kiavaj4rgwtpgmoiot3aqh5e

Towards a physical XML independent XQuery/SQL/XML engine

Zhen Hua Liu, Sivasankaran Chandrasekar, Thomas Baby, Hui J. Chang
2008 Proceedings of the VLDB Endowment  
This results in logical and physical rewrite techniques to optimize XQuery and SQL/XML over a variety of physical XML storage, index and view models, including schema aware object relational XML storage  ...  XML storage, index and view model.  ...  ACKNOWLEDGEMENTS We gratefully acknowledge the contributions of all the members of the Oracle XML DB development and product management teams.  ... 
doi:10.14778/1454159.1454177 fatcat:jdlyx66mcvhovhj67z7fy56q2a

Secure XML querying based on authorization graphs

Artem Chebotko, Seunghan Chang, Shiyong Lu, Farshad Fotouhi
2010 Information Systems Frontiers  
In this way, there will be no further security overhead for the processing of fully acceptable and rejectable queries.  ...  XML is rapidly emerging as a standard for data representation and exchange over the World Wide Web and an increasing amount of sensitive business data is processed in XML format.  ...  XPath query analysis and rewriting Given a user query and a precomputed authorization model, the final step of our security enforcement mechanism is to analyze and rewrite the query into a secure XPath  ... 
doi:10.1007/s10796-010-9289-2 fatcat:elwstorbxrgl7n2mxdyjchbrfq

A general approach to securely querying XML

Ernesto Damiani, Majirus Fansi, Alban Gabillon, Stefania Marrara
2008 Computer Standards & Interfaces  
In [15, 23] , the problem of unsafe query is solved by rewriting the input query based on the notion of security view.  ...  A different approach has been explored in [28] , which performs a static analysis that classifies a XML query to be either always-granted or always-denied before submitting it to an XML engine.  ... 
doi:10.1016/j.csi.2008.03.006 fatcat:iojbapbyavag7keccljt42ekau

Policy Classes and Query Rewriting Algorithm for XML Security Views [chapter]

Nataliya Rassadko
2006 Lecture Notes in Computer Science  
Finally, we discuss the query rewriting approach for our model of XML security views.  ...  We provide a classification of policies using different options of security label propagation and conflict resolution.  ...  Acknowledgments I would like to thank Gabriel Kuper and Fabio Massacci for encouragement and many useful discussions, and Gabriel Kuper, in particular, for checking my English.  ... 
doi:10.1007/11805588_8 fatcat:ahof6d6ff5hnjahagxdg3k6trq

Semantic Mediation for A Posteriori Log Analysis

Farah Dernaika, Nora Cuppens-Boulahia, Frédéric Cuppens, Olivier Raynaud
2019 Proceedings of the 14th International Conference on Availability, Reliability and Security - ARES '19  
CCS CONCEPTS • Behavioral Analysis for Access and Usage Control → A posteriori log analysis.  ...  The a posteriori access control mode consists in monitoring actions performed by users, to detect possible violations of the security policy and to apply sanctions or reparations.  ...  ACKNOWLEDGMENTS This research is funded by be-studys, Meyrin 123, c/o BDO SA, 1219 Châtelaine, GENEVE, a mark of the group be-ys dedicated to research and innovation.  ... 
doi:10.1145/3339252.3340104 dblp:conf/IEEEares/DernaikaCCR19 fatcat:x2gbgruj5fa2dcsmxd2zspstfm

A Flexible Framework for Architecting XML Access Control Enforcement Mechanisms [chapter]

Bo Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu
2004 Lecture Notes in Computer Science  
However, little effort has been put forth to facilitate a uniform analysis and comparison of these schemes under the same framework.  ...  Under this framework, we observe that most existing XML access control mechanisms share the same design principle with slightly different orderings of underlying building blocks (i.e., data, query, and  ...  Performance Evaluation Now we validate the analysis of Section 4 with the experimental results. We use Galax 0.3.1 [14] as the underlying XML engine, and XMark [13] schema and data set.  ... 
doi:10.1007/978-3-540-30073-1_10 fatcat:ef3wq3ikybhwbkpepeh3t3ekxu

Secure Querying of Recursive XML Views: A Standard XPath-based Technique [article]

Houari Mahfoud, Abdessamad Imine
2011 arXiv   pre-print
This rewriting enables us to avoid the overhead of view materialization and maintenance. A major concern here is that query rewriting for recursive XML views is still an open problem.  ...  Most state-of-the art approaches for securing XML documents allow users to access data only through authorized views defined by annotating an XML grammar (e.g.  ...  Security Specification. Figure 9 (b) represents the hospital DTD view D v of a research institute studying inherited patterns of some diseases.  ... 
arXiv:1112.2605v1 fatcat:hms4nnvtovfp5pceblebqhmvxm

Secure querying of recursive XML views

Houari Mahfoud, Abdessamad Imine
2012 Proceedings of the 21st international conference companion on World Wide Web - WWW '12 Companion  
This rewriting enables us to avoid the overhead of view materialization and maintenance. A major concern here is that query rewriting for recursive XML views is still an open problem.  ...  Most state-of-the art approaches for securing XML documents allow users to access data only through authorized views defined by annotating an XML grammar (e.g.  ...  Security Specification. Figure 9 (b) represents the hospital DTD view D v of a research institute studying inherited patterns of some diseases.  ... 
doi:10.1145/2187980.2188134 dblp:conf/www/MahfoudI12 fatcat:mgzf2xwgh5e7fmi456nb5kuyny

XML access control using static analysis

Makoto Murata, Akihiko Tozawa, Michiharu Kudo, Satoshi Hada
2006 ACM Transactions on Privacy and Security  
We have built a prototype of static analysis for XQuery, and shown the effectiveness and scalability through experiments.  ...  A nice side-effect of static analysis is query optimization: access-denied expressions in queries can be evaluated to empty lists at compile time.  ...  Such frameworks typically rely on runtime analysis and do not use static analysis. Our static analysis for XML access control is made possible by the tree-structured nature of XML.  ... 
doi:10.1145/1178618.1178621 fatcat:wtjosayjgreunov7cynu54axcq

XML access control using static analysis

Makoto Murata, Akihiko Tozawa, Michiharu Kudo, Satoshi Hada
2003 Proceedings of the 10th ACM conference on Computer and communication security - CCS '03  
We have built a prototype of static analysis for XQuery, and shown the effectiveness and scalability through experiments.  ...  A nice side-effect of static analysis is query optimization: access-denied expressions in queries can be evaluated to empty lists at compile time.  ...  Such frameworks typically rely on runtime analysis and do not use static analysis. Our static analysis for XML access control is made possible by the tree-structured nature of XML.  ... 
doi:10.1145/948121.948122 fatcat:ifqx53vv55eptk3gwymk4i7tn4

XML access control using static analysis

Makoto Murata, Akihiko Tozawa, Michiharu Kudo, Satoshi Hada
2003 Proceedings of the 10th ACM conference on Computer and communication security - CCS '03  
We have built a prototype of static analysis for XQuery, and shown the effectiveness and scalability through experiments.  ...  A nice side-effect of static analysis is query optimization: access-denied expressions in queries can be evaluated to empty lists at compile time.  ...  Such frameworks typically rely on runtime analysis and do not use static analysis. Our static analysis for XML access control is made possible by the tree-structured nature of XML.  ... 
doi:10.1145/948109.948122 dblp:conf/ccs/MurataTKH03 fatcat:nq6y5djdsje3vgquu55sep6ju4
« Previous Showing results 1 — 15 out of 1,525 results