XML access control using static analysis

Access control policies for XML typically use regular path expressions such as XPath to specify the objects they govern. However, such access control policies burden the engines for XML query languages. To relieve this burden, we introduce static analysis for XML access control. Given an access control policy, a query expression, and an optional schema, static analysis determines whether the query expression is guaranteed not to access elements or attributes that are permitted by the schema but hidden by the access control policy. Static analysis can be performed without evaluating any query expression against an actual database. Run-time checking is required only when static analysis is unable to determine whether to grant or deny access requests. A nice side effect of static analysis is query optimization: access-denied expressions in queries can be evaluated to empty lists at compile time. We have built a prototype of static analysis for XQuery and shown its effectiveness and scalability through experiments.
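The decision described in the abstract can be sketched on a small scale. The following is an added example, not the authors' prototype. It handles only predicate-free paths with child and descendant axes, and enumerates the paths of a non-recursive schema. The schema, the policy, the default-deny and deny-overrides semantics, and the three outcome names are assumptions made for illustration.

```python
import re

# Constructed, non-recursive schema: element name -> permitted child elements.
SCHEMA = {"record": ["patient", "diagnosis", "billing"],
          "patient": ["name", "ssn"],
          "diagnosis": ["pathology", "comment"],
          "billing": ["comment"]}
ROOT = "record"

# Constructed policy. Assumed semantics: default deny, and "-" overrides "+".
POLICY = [("+", "/record"), ("+", "/record//*"),
          ("-", "//ssn"), ("-", "/record/billing/*")]

def to_regex(pattern):
    """Compile a predicate-free path (/, //, names, *) to a regex over path strings."""
    out = ""
    for axis, name in re.findall(r"(//|/)([^/]+)", pattern):
        step = "[^/]+" if name == "*" else re.escape(name)
        out += ("(?:/[^/]+)*/" if axis == "//" else "/") + step
    return re.compile(out)

def schema_paths(schema, root):
    """Every root-to-element path the schema permits (finite: no recursion)."""
    stack, paths = ["/" + root], []
    while stack:
        path = stack.pop()
        paths.append(path)
        stack += [f"{path}/{c}" for c in schema.get(path.rsplit("/", 1)[1], [])]
    return paths

def visible(path, policy):
    """True if some "+" rule matches the path and no "-" rule does."""
    hits = {effect for effect, pat in policy if to_regex(pat).fullmatch(path)}
    return "+" in hits and "-" not in hits

def analyze(query, schema=SCHEMA, root=ROOT, policy=POLICY):
    """Classify a query from policy and schema alone, without reading any document."""
    targets = [p for p in schema_paths(schema, root) if to_regex(query).fullmatch(p)]
    hidden = [p for p in targets if not visible(p, policy)]
    if not hidden:
        return "granted"        # no schema-permitted target is hidden
    if len(hidden) == len(targets):
        return "denied"         # every target is hidden: rewrite to the empty list
    return "runtime-check"      # mixed: static analysis cannot decide

if __name__ == "__main__":
    for q in ("/record/patient/name", "//ssn", "//comment", "/record/patient/*"):
        print(q, "->", analyze(q))
```

`//comment` needs a run-time check because the schema permits `comment` under both `diagnosis` (visible) and `billing` (hidden); a query for an element the schema never permits is vacuously granted and returns nothing.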
