IRIS Institutional Research Information System - AIR Archivio Istituzionale della Ricerca

Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user views on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML dataset. The aim of this paper is to describe a model combining the advantages of these approaches and overcoming their limitations. The model specification is given using a Finite State Automata, ensuring generality and easiness of standardization w.r.t. specific implementation techniques.

A general approach to securely querying XML / E. Damiani, M. Fansi, A. Gabillon, S. Marrara - In: State of standards in the information systems security area : WOSIS 2007 / [a cura di] E. Fernández-Medina, M.I. Yagüe. - [s.l] : null, 2007. - pp. 115-122 (( Intervento presentato al 5. convegno International workshop on security in information systems (WOSIS) tenutosi a Funcal, Madeira, Portugal nel 2007.

A general approach to securely querying XML

E. Damiani^Primo;M. Fansi;A. Gabillon;S. Marrara^Ultimo

2007

Abstract

Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user views on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML dataset. The aim of this paper is to describe a model combining the advantages of these approaches and overcoming their limitations. The model specification is given using a Finite State Automata, ensuring generality and easiness of standardization w.r.t. specific implementation techniques.

Scheda breve

Scheda completa

Scheda completa (DC)

	Settori scientifico-disciplinari del contributo
	
			Settore INF/01 - Informatica
		
	Data di pubblicazione
	
			2007
		
	Tipologia
	
			Book Part (author)
		
	Appare nelle tipologie:
	
			03 - Contributo in volume

File in questo prodotto:

File	Dimensione	Formato
XMLSecurityrev.pdf accesso aperto Tipologia: Pre-print (manoscritto inviato all'editore) Dimensione 72.68 kB Formato Adobe PDF Visualizza/Apri	72.68 kB	Adobe PDF	Visualizza/Apri

Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2434/50244

Citazioni

ND

3

ND

social impact