Abstract
In this paper we investigate the feasibility and efficiency of mapping XML data and access control policies onto relational and native XML databases for storage and querying. We developed a re-annotation algorithm that computes the XPath query which designates the XML nodes to be re-annotated when an update operation occurs. The algorithm uses XPath static analysis and our experimental results show that our re-annotation solution is on the average 7 times faster than annotating the entire document.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Amer-Yahia, S., Du, F., Freire, J.: A comprehensive solution to the XML-to-relational mapping problem. In: Proc. of the 6th Annual ACM Int’l workshop on Web Information and Data Management, pp. 31–38. ACM, New York (2004)
Benedikt, M., Fan, W., Kuper, G.: Structural properties of XPath fragments. Theoretical Computer Science 336(1), 3–31 (2005)
Bertino, E., Ferrari, E.: Secure and selective dissemination of XML documents. ACM Transactions on Information and System Security 5(3), 290–331 (2002)
Biron, P.V., Malhotra, A.: XML Schema Part 2: Datatypes Second Edition, October 2004, W3C Recommendation (2004), http://www.w3.org/TR/xmlschema-2/
Cho, S.R., Amer-Yahia, S., Lakshmanan, L.V.S., Srivastava, D.: Optimizing the secure evaluation of twig queries. In: Proc. of the 28th Int’l Conf. on Very Large Data Bases, pp. 490–501. VLDB Endowment (2002)
Clark, J., DeRose, S., et al.: XML path language (XPath) version 1.0. W3C recommendation (1999), http://www.w3c.org/TR/xpath
Damiani, E., Di Vimercati, S.C., Paraboschi, S., Samarati, P.: A fine-grained access control system for XML documents. ACM Transactions on Information and System Security (TISSEC) 5(2), 169–202 (2002)
Du, F., Amer-Yahia, S., Freire, J.: ShreX: Managing XML documents in relational databases. In: Proc. of the 30th Int’l Conf. on Very large data bases, vol. 30, pp. 1297–1300. VLDB Endowment (2004)
David, C.: Fallside and Priscilla Walmsley. XML Schema Part 0: Primer Second Edition, October 2004, W3C Recommendation (2004), http://www.w3.org/TR/xmlschema-0/
Fan, W., Chee-Yong, C., Garofalakis, M.: Secure XML querying with security views. In: Proc. of the ACM SIGMOD Int’l Conf. on Management of Data (SIGMOD), Paris, France, pp. 587–598 (2004)
Fundulaki, I., Marx, M.: Specifying access control policies for XML documents with XPath. In: Proc. of the 9th ACM symposium on Access control models and technologies, pp. 61–69. ACM, New York (2004)
Gottlob, G., Koch, C., Pichler, R., Segoufin, L.: The complexity of XPath query evaluation and XML typing. Journal of the ACM 52(2), 284–335 (2005)
Haj-Yahya, K.: XPath-Containment Checker. Version: (2005), http://www.ifis.uni-luebeck.de/projects/XPathContainment
Ioannidis, S.: Security policy consistency and distributed evaluation in heterogeneous environments. PhD thesis, Philadelphia, PA, USA (2005)
Jajodia, S., Samarati, P., Subrahmanian, V.S.: A Logical Language for Expressing Authorizations. In: Proc. IEEE Computer Society Symposium on Security and Privacy, pp. 31–42 (1997)
Kuper, G., Massacci, F., Rassadko, N.: Generalized XML security views. Int’l Journal of Information Security 8(3), 173–203 (2009)
Lupu, E.C., Sloman, M.S.: Conflict Analysis for Management Policies. In: Proc. of the 5th IFIP/IEEE Int’l Symposium on Integrated Network Management IM, San Diego, CA (1997)
Miklau, G., Suciu, D.: Containment and equivalence for a fragment of XPath. Journal of the ACM 51(1), 2–45 (2004)
Neven, F., Schwentick, T.: XPath containment in the presence of disjunction, DTDs, and variables. LNCS, pp. 315–329 (2003)
Qi, N., Kudo, M., Myllymaki, J., Pirahesh, H.: A function-based access control model for XML databases. In: Proc. of the 14th ACM Int’l Conf. on Information and Knowledge Management, pp. 115–122. ACM, New York (2005)
Schmidt, A., Waas, F., Kersten, M., Carey, M.J., Manolescu, I., Busse, R.: XMark: A benchmark for XML data management. In: Proc. of the 28th Int’l Conf. on Very Large Data Bases, pp. 974–985. VLDB Endowment (2002)
Schwentick, T.: XPath query containment. SIGMOD RECORD 33(1), 101 (2004)
Tan, K.L., Lee, M.L., Wang, Y.: Access control of XML documents in relational database systems. In: Int’l Conf. on Internet Computing, pp. 185–191. Citeseer (2001)
Thompson, H.S., Beech, D., Maloney, M., Mendelsohn, N.: XML Schema Part 1: Structures Second Edition, October 2004, W3C Recommendation (2004), http://www.w3.org/TR/xmlschema-1/
Wadler, P.: Two semantics for XPath. Technical report (2000)
Yu, T., Srivastava, D., Lakshmanan, L.V.S., Jagadish, H.V.: A compressed accessibility map for XML. ACM Transactions on Database Systems (TODS) 29(2), 363–402 (2004)
Zhang, H., Zhang, N., Salem, K., Zhuo, D.: Compact access control labeling for efficient secure XML query evaluation. Data & Knowledge Engineering 60(2), 326–344 (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Koromilas, L., Chinis, G., Fundulaki, I., Ioannidis, S. (2009). Controlling Access to XML Documents over XML Native and Relational Databases. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2009. Lecture Notes in Computer Science, vol 5776. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04219-5_8
Download citation
DOI: https://doi.org/10.1007/978-3-642-04219-5_8
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04218-8
Online ISBN: 978-3-642-04219-5
eBook Packages: Computer ScienceComputer Science (R0)