ABSTRACT
very few research works have been done on XML security over relational databases despite that XML became the de facto standard for the data representation and exchange on the internet and a lot of XML documents are stored in RDBMS. In [14], the author proposed an access control model for schema-based storage of XML documents in relational storage and translating XML access control rules to relational access control rules. However, the proposed algorithms had performance drawbacks. In this paper, we will use the same access control model of [14] and try to overcome the drawbacks of [14] by proposing an efficient technique to store the XML access control rules in a relational storage of XML DTD. The mapping of the XML DTD to relational schema is proposed in [7]. We also propose an algorithm to translate XPath queries to SQL queries based on the mapping algorithm in [7].
- R. Abassi, F. Jacquemard, M. Rusinowitch, and S. G. E. Fatmi. XML Access Control:from XACML to Annotated Schemas. In Proceedings of the 2nd International Conference on Communications and Networking (ComNet), pages 1--8, 2010.Google Scholar
- E. Bertino and E. Ferrari. Secure and Selective Dissemination of XML Documents. ACM Transactions on Information and System Security (TISSEC), 5(3):290-- 331, Aug., 2002. Google ScholarDigital Library
- S. Chang, A. Chebotko, S. Lu, and F. Fotouhi. Graph Matching Based Authorization Model for Effiient Secure XML Querying. In Proceedings of the AINA Workshops, pages 473--478, 2007. Google ScholarDigital Library
- E. Damiani, S. Vimercati, S. Paraboschi, and P. Samarati. Design and Implementation of an Access Control Processor for XML Documents. Computer Networks, 33(6):59--71, 2000. Google ScholarDigital Library
- E. Damiani, S. Vimercati, S. Paraboschi, and P. Samarati. Securing XML documents. In Proceedings of the International Conference on Extending Databas Technology, pages 121--135, 2000. Google ScholarDigital Library
- E. Damiani, S. Vimercati, S. Paraboschi, and P. Samarati. A Fine-Grained Access Control System for XML Documents. ACM Transactions on Information and System Security (TISSEC), 5(2):169--202, May, 2000. Google ScholarDigital Library
- A. A. A. El-Aziz and A. Kannan. Mapping XML DTDs to Relational Schemas. In Proceedings of the 2nd International Conference on Computer Communication and Informatics (ICCCI), pages 1--7, 10--12 Jan., 2012.Google Scholar
- W. Fan, C. Chan, and M. Garofalakis. Secure XML quering with security views. In Proceedings of SIGMOD 2004, pages 587--598, 2004. Google ScholarDigital Library
- A. Gabillon and E. Bruno. Regulating Access to XML Documents. In Proceedings of the Working Conference on Database and Application Security, July, 2001. Google ScholarDigital Library
- D. Lee, W. Lee, and P. Liu. Supporting XML Security Models using Relational Databases. A Vision. Lecture Note In Computer Science, Springer-Verlag Berlin Heidelberg, pages 267--281, Sep., 2003.Google Scholar
- B. Luo, D. Lee, and P. Liu. Pragmatic XML Access Control using Off-the-shelf RDBMS. In Proceedings of the 12th European Symposium on Research in Computer Security (ESORICS), pages 55--71, 24--26 Sep., 2007. Google ScholarDigital Library
- S. Mohan, A. Sengupta, Y. Wu, and J. Klinginsmith. Access Control for XML-A Dynamic Query Rewrinting Approach. In Proceedings of the 14th ACM international conference on Information and knowledge management, 2005. Google ScholarDigital Library
- M. Murata, A. Tozawa, and M. Kudo. XML Access Control using Static Analysis. In Proceedings of the 10th ACM conference on Computer and communications security, pages 73--84, Oct., 2003. Google ScholarDigital Library
- J. Patel and M. Atay. An Efficient Access Control Model for Schema-Based Relational Storage of XML Documents. In Proceedings of the 49th Annual ACM Southeast Regional Conference, pages 97--102, 24--24 March, 2011. Google ScholarDigital Library
- K. L. Tan, M. L. Lee, and Y. Wang. Access Control of XML Documents in Relational Database Systems. In Proceedings of the International Conference on Internet Computing (IC), pages 185--191, 2001.Google Scholar
Index Terms
- Storing XML rules in relational storage of XML DTD
Recommendations
XML data mediator integrated solution for xml roundtrip from xml to relational
WWW Alt. '04: Proceedings of the 13th international World Wide Web conference on Alternate track papers & postersThis paper presents a system for efficient data transformations between XML and relational databases, called XML Data Mediator (XDM). XDM enables the transformation by externalizing the specification of the mapping in a script and using an efficient run-...
A performance evaluation of storing XML data in relational database management systems
WIDM '01: Proceedings of the 3rd international workshop on Web information and data managementXML is an emerging standard for the representation and exchange of Internet data. Along with document type definition (DTD), XML permits the execution of a collection of queries, using XPath to identify data in XML documents. In this paper we examine ...
An efficient access control model for schema-based relational storage of XML documents
ACM-SE '11: Proceedings of the 49th Annual Southeast Regional ConferenceVery few research works have been done on XML access control over relational databases despite the fact that there is an undeniable amount of XML data stored in RDBMS. Moreover, the proposed algorithms in the literature have performance drawbacks. In ...
Comments