A Vision: RDB-Based XML Security Models Considering Data Levels

In this paper, we take a rather different approach. We explore how to support security models for XML documents by leveraging techniques developed for relational databases. More specifically, in our approach: (1) users make XML queries against the given XML view/schema, (2) access controls for XML data are specified in the relational database, (3) data are stored in relational databases, and (4) security checks and query evaluation are also done in relational databases.
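The four steps above can be sketched end to end with SQLite; this is an added illustration, not the paper's schema or algorithm. The `node` and `acl` tables, the role names, the sample document, the plain absolute paths standing in for XML queries, and the deny-overrides, default-deny policy are all assumptions made for the example.

```python
import sqlite3
import xml.etree.ElementTree as ET

# Constructed sample document (not from the paper).
DOC = ("<hospital>"
       "<patient><name>Ann</name><diagnosis>flu</diagnosis></patient>"
       "<patient><name>Bob</name><diagnosis>asthma</diagnosis></patient>"
       "</hospital>")

def build_db():
    """Steps (2) and (3): store the XML data and the access rules as relations."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE node(id INTEGER PRIMARY KEY, parent INTEGER,
                          path TEXT, value TEXT);
        CREATE TABLE acl(role TEXT, path TEXT,
                         sign TEXT CHECK (sign IN ('+', '-')));
    """)
    def shred(elem, parent, prefix):
        # One row per element, keyed by its root-to-node label path.
        path = prefix + "/" + elem.tag
        cur = db.execute(
            "INSERT INTO node(parent, path, value) VALUES (?, ?, ?)",
            (parent, path, (elem.text or "").strip() or None))
        for child in elem:
            shred(child, cur.lastrowid, path)
    shred(ET.fromstring(DOC), None, "")
    # Hypothetical policy: a rule covers its path and every descendant.
    db.executemany("INSERT INTO acl VALUES (?, ?, ?)", [
        ("nurse", "/hospital", "+"),
        ("nurse", "/hospital/patient/diagnosis", "-"),
        ("doctor", "/hospital", "+"),
    ])
    return db

# Prefix test uses substr() rather than LIKE so '_' or '%' in a tag name
# is never treated as a wildcard.
COVERS = "(n.path = a.path OR substr(n.path, 1, length(a.path) + 1) = a.path || '/')"

def query(db, role, path):
    """Steps (1) and (4): the security check and evaluation run as one SQL query."""
    sql = f"""
        SELECT n.value FROM node n
        WHERE n.path = :path
          AND EXISTS (SELECT 1 FROM acl a
                      WHERE a.role = :role AND a.sign = '+' AND {COVERS})
          AND NOT EXISTS (SELECT 1 FROM acl a
                          WHERE a.role = :role AND a.sign = '-' AND {COVERS})
        ORDER BY n.id"""
    return [row[0] for row in db.execute(sql, {"role": role, "path": path})]
```

Because the filter is part of the query itself, a denied node is never returned to the caller, and a role with no matching grant gets an empty result rather than an error.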
