
XML access control using static analysis

Published: 01 August 2006

Abstract

Access control policies for XML typically use regular path expressions such as XPath to specify the objects that the policies govern. However, such access-control policies impose a burden on query engines for XML documents. To relieve this burden, we introduce static analysis for XML access control. Given an access-control policy, a query expression, and an optional schema, static analysis determines whether the query expression is guaranteed not to access elements or attributes that are hidden by the access-control policy but permitted by the schema. Static analysis can be performed without evaluating any query expression against actual XML documents. Run-time checking is required only when static analysis is unable to determine whether to grant or deny an access request. A side effect of static analysis is query optimization: access-denied expressions in queries can be evaluated to empty lists at compile time. We further extend static analysis to handle value-based access-control policies and introduce view schemas.
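The abstract describes a three-way decision: a query is statically granted, statically denied (and can be rewritten to the empty list at compile time), or needs a run-time check. The following is an added illustration, not code from the paper or its authors. The paper works with tree automata over XPath and schemas; this toy replaces them with a finite enumeration of element paths from a constructed, non-recursive DTD-like schema and a tiny XPath subset supporting `/`, `//` and `*`. The schema (a medical record), the deny rules, and the policy semantics (a deny rule hides the matching element and its whole subtree) are all assumptions made for the example.

```python
import re

# Constructed, non-recursive schema: element name -> permitted child elements.
ROOT = "record"
CONTENT_MODEL = {
    "record": ["patient", "diagnosis", "billing"],
    "patient": ["name", "address"],
    "diagnosis": ["code", "comment"],
    "billing": ["amount", "card"],
}
# Constructed policy: deny rules in the tiny XPath subset below.
# Assumed semantics: a denied element and everything under it are hidden.
DENY_RULES = ["/record/billing/card", "//comment"]


def compile_pattern(pattern):
    """Compile an XPath-like pattern (/a/b, //b, /a/*/c, /a//c) to a regex over paths."""
    regex = "^"
    i = 0
    while i < len(pattern):
        if pattern.startswith("//", i):       # descendant-or-self step
            sep, i = "(?:/[^/]+)*/", i + 2
        elif pattern[i] == "/":               # child step
            sep, i = "/", i + 1
        else:
            raise ValueError("each step must start with / or //")
        j = pattern.find("/", i)
        j = len(pattern) if j == -1 else j
        name = pattern[i:j]
        if not name:
            raise ValueError("empty step name")
        regex += sep + ("[^/]+" if name == "*" else re.escape(name))
        i = j
    return re.compile(regex + "$")


def schema_paths(root, content_model):
    """Enumerate every element path the schema permits (finite because it is non-recursive)."""
    paths = []

    def walk(name, path, seen):
        if name in seen:
            raise ValueError(f"recursive schema at <{name}>: finite enumeration does not apply")
        paths.append(path)
        for child in content_model.get(name, ()):
            walk(child, path + "/" + child, seen | {name})

    walk(root, "/" + root, frozenset())
    return paths


def hidden_paths(paths, deny_rules):
    """Paths hidden by the policy: a path is hidden if it or any ancestor matches a deny rule."""
    compiled = [compile_pattern(r) for r in deny_rules]
    denied = {p for p in paths if any(c.match(p) for c in compiled)}
    hidden = set()
    for p in paths:
        parts = p.split("/")
        if any("/".join(parts[:k]) in denied for k in range(2, len(parts) + 1)):
            hidden.add(p)
    return hidden


def analyze(query, root=ROOT, content_model=CONTENT_MODEL, deny_rules=DENY_RULES):
    """Static verdict for a query without touching any document instance.

    Returns (verdict, paths_needing_runtime_check).
    """
    paths = schema_paths(root, content_model)
    q = compile_pattern(query)
    reachable = [p for p in paths if q.match(p)]      # schema-permitted targets
    hidden = hidden_paths(paths, deny_rules)
    hit_hidden = [p for p in reachable if p in hidden]
    if not reachable:
        return ("always-empty", [])     # schema permits no such element
    if len(hit_hidden) == len(reachable):
        return ("always-denied", [])    # rewrite to the empty list at compile time
    if not hit_hidden:
        return ("always-granted", [])   # no run-time access check needed
    return ("runtime-check", hit_hidden)  # only these targets need checking


if __name__ == "__main__":
    for query in ["/record/patient/name", "//card", "/record/diagnosis/*", "//ssn"]:
        print(f"{query:24} -> {analyze(query)}")
```

The interesting case is `/record/diagnosis/*`: the schema permits both `code` and `comment` under `diagnosis`, only `comment` is hidden, so the verdict is indeterminate and only that one target has to be checked at run time; the other three queries are decided entirely at compile time.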


Published In

ACM Transactions on Information and System Security, Volume 9, Issue 3
August 2006
156 pages
ISSN:1094-9224
EISSN:1557-7406
DOI:10.1145/1178618

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Access control
  2. XML
  3. XPath
  4. XQuery
  5. automaton
  6. query optimization
  7. schema
  8. static analysis
  9. value-based access control
  10. view schema

Qualifiers

  • Article

Cited By

  • (2023) Autonomously Computable Information Extraction. Proceedings of the VLDB Endowment 16(10), 2431-2443. doi:10.14778/3603581.3603585. Online publication date: 8 Aug 2023.
  • (2023) Secure RDTs: Enforcing Access Control Policies for Offline Available JSON Data. Proceedings of the ACM on Programming Languages 7(OOPSLA2), 146-172. doi:10.1145/3622802. Online publication date: 16 Oct 2023.
  • (2021) Ontology Dependence Closure based on Privacy Association. 2021 8th International Conference on Dependable Systems and Their Applications (DSA), 289-294. doi:10.1109/DSA52907.2021.00044. Online publication date: Aug 2021.
  • (2019) Predictable and Consistent Information Extraction. Proceedings of the ACM Symposium on Document Engineering 2019, 1-10. doi:10.1145/3342558.3345391. Online publication date: 23 Sep 2019.
  • (2019) AuthCheck: Program-State Analysis for Access-Control Vulnerabilities. Formal Methods. FM 2019 International Workshops, 557-572. doi:10.1007/978-3-030-54997-8_34. Online publication date: 7 Oct 2019.
  • (2018) Extensible markup language keywords search based on security access control. International Journal of Grid and Utility Computing 9(1), 43-50. doi:10.1504/IJGUC.2018.090227. Online publication date: 1 Jan 2018.
  • (2016) One-variable context-free hedge automata. Journal of Computer and System Sciences. doi:10.1016/j.jcss.2016.10.006. Online publication date: Nov 2016.
  • (2016) An Attribute-Based Protection Model for JSON Documents. Network and System Security, 303-317. doi:10.1007/978-3-319-46298-1_20. Online publication date: 21 Sep 2016.
  • (2015) Expressive logical combinators for free. Proceedings of the 24th International Conference on Artificial Intelligence, 311-317. doi:10.5555/2832249.2832292. Online publication date: 25 Jul 2015.
  • (2015) HyXAC: Hybrid XML Access Control Integrating View-Based and Query-Rewriting Approaches. IEEE Transactions on Knowledge and Data Engineering 27(8), 2190-2202. doi:10.1109/TKDE.2015.2407366. Online publication date: 1 Aug 2015.
