skip to main content
10.1145/1103022.1103029acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
Article

An access control model for querying XML data

Published: 11 November 2005 Publication History

Abstract

In the last few years, an increasing amount of si-structured data have become available electronically to humans and programs. In such a context, XML is rapidly erging as the new standard for si-structured data representation and exchange on the Internet. Securing XML data is then becoming increasingly important and several attpts at developing methods for securing XML data have been proposed. However, these proposals do not take into consideration scenarios where users want to query XML data by using complex query language.In this paper, we propose an extension to our previous access control model handling the new standard query language XQuery, which is a powerful and convenient language designed for querying XML data.

References

[1]
Serge Abiteboul. Querying si-structured data. In Proc. ICDT'97, 1997.]]
[2]
E. Bertino, S. Castano, E. Ferrari, and M. Mesiti. Specifying en Enforcing Access Control Policies for XML Document Sources, World Wide Web Journal, vol. 3, Baltezer Science Publisher, 2000.]]
[3]
W3C Consortium. Xml 1.0, Feb. 1998. http://www.w3.org/XML.]]
[4]
Ernesto Damiani, Sabrina De~Capitani di~Vimercati, Stefano Paraboschi, and Pierangela Samarati. Securing xml documents. Lecture Notes in Computer Science, 1777:121--??, 2000.]]
[5]
Ernesto Damiani, Sabrina De Capitani~Di Vimercati, Stefano Paraboschi, and Pierangela Samarati. A fine-grained access control documents.]]
[6]
I. Fundulaki and M. Marx. Specifying Access Control Policies for XML Documents with XPath. ACM Symp. on Access Control Models and Technologies (SACMAT), 2004. citeseer.ist.psu.edu/640891.html]]
[7]
A. Gabillon. An authorization model for xml databases. In Proc. of the 11th ACM Conference on Computer Security (Workshop Secure Web Services), George Mason University, Fairfax, VA, USA, 2004.]]
[8]
T.F. Lunt. Access control policies for database systs. In C.E. Landwehr, editor, Database Security, II: Status and Prospects, pages 41--52. North-Holland, Amsterdam, 1989.]]
[9]
A. Gabillon and E. Bruno. Regulating Access to XML documents. Fifteenth Annual IFIP WG 11.3 Working Conference on Database Security, Niagara on the Lake, Ontario, Canada, July, 2001.]]
[10]
M. Kudo and S. Hada. XML Document Security based on Provisional Authorization. Proc. of the 7th ACM Conference on Computer and communication security. Athens, Greece, Noveber 2000.]]
[11]
W3C. Xml query (xquery) version 2.0, 2004. http://www.w3.org/XML/Query.]]
[12]
World Wide Web Consortium (W3C). XML Path Language (XPath) Version 1.0, Novber 1999. http://www.w3.org/tr/xpath.]]

Cited By

View all
  • (2013)Privacy query rewriting algorithm instrumented by a privacy-aware access control modelannals of telecommunications - annales des télécommunications10.1007/s12243-013-0365-869:1-2(3-19)Online publication date: 15-May-2013
  • (2011)QFilterThe VLDB Journal — The International Journal on Very Large Data Bases10.1007/s00778-010-0202-x20:3(397-415)Online publication date: 1-Jun-2011
  • (2010)A Formal Language for Specifying Complex XML Authorisations with Temporal ConstraintsInformation Security and Cryptology10.1007/978-3-642-16342-5_32(443-457)Online publication date: 2010
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
SWS '05: Proceedings of the 2005 workshop on Secure web services
November 2005
98 pages
ISBN:1595932348
DOI:10.1145/1103022
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 November 2005

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. XML
  2. XML access control
  3. XQuery

Qualifiers

  • Article

Conference

CCS05
Sponsor:

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)3
  • Downloads (Last 6 weeks)0
Reflects downloads up to 18 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2013)Privacy query rewriting algorithm instrumented by a privacy-aware access control modelannals of telecommunications - annales des télécommunications10.1007/s12243-013-0365-869:1-2(3-19)Online publication date: 15-May-2013
  • (2011)QFilterThe VLDB Journal — The International Journal on Very Large Data Bases10.1007/s00778-010-0202-x20:3(397-415)Online publication date: 1-Jun-2011
  • (2010)A Formal Language for Specifying Complex XML Authorisations with Temporal ConstraintsInformation Security and Cryptology10.1007/978-3-642-16342-5_32(443-457)Online publication date: 2010
  • (2009)A formal language for specifying complex XML authorisations with temporal constraintsProceedings of the 5th international conference on Information security and cryptology10.5555/1950111.1950152(443-457)Online publication date: 12-Dec-2009
  • (2008)An integrated access control for securely querying and updating XML dataProceedings of the nineteenth conference on Australasian database - Volume 7510.5555/1378307.1378324(75-84)Online publication date: 1-Jan-2008
  • (2007)Securely updating XMLProceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III10.5555/1771230.1771384(1098-1106)Online publication date: 12-Sep-2007
  • (2007)Distributed access controlProceedings of the 12th ACM symposium on Access control models and technologies10.1145/1266840.1266850(61-70)Online publication date: 20-Jun-2007
  • (2007)Securely Updating XMLKnowledge-Based Intelligent Information and Engineering Systems10.1007/978-3-540-74829-8_134(1098-1106)Online publication date: 2007
  • (2006)Two phase filtering for XML access controlProceedings of the Third VLDB international conference on Secure Data Management10.1007/11844662_9(115-130)Online publication date: 10-Sep-2006

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media