Generalized XML security views

G. Kuper; F. Massacci; N. Rassadko

doi:10.1145/1063979.1063994

Generalized XML security views

G. Kuper, F. Massacci, N. Rassadko

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

We investigate a generalization of the notion of XML security view introduced by Stoica and Farkas [17] and later refined by Fan et al. [8]. The model consists of access control policies specified over DTDs with XPath expression for data-dependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that can be used by users for query formulation and optimization. Then we show an algorithm to materialize "authorized" version of the document from the view and an algorithm to construct the view from an access control specification. We also propose a number of generalizations for security policies 1. Copyright 2005 ACM.

Original language	English
Title of host publication	SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies
Pages	77-84
DOIs	https://doi.org/10.1145/1063979.1063994
Publication status	Published - 2005
Externally published	Yes
Event	SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies - , Sweden Duration: 1 Jun 2005 → 3 Jun 2005

Publication series

Name	Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Conference

Conference	SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies
Country/Territory	Sweden
Period	1/06/05 → 3/06/05

Access to Document

10.1145/1063979.1063994

Persistent URL (handle)

Persistent link

Cite this

@inproceedings{1a030e6b5d124d6da25ef8f5248eec40,

title = "Generalized XML security views",

abstract = "We investigate a generalization of the notion of XML security view introduced by Stoica and Farkas [17] and later refined by Fan et al. [8]. The model consists of access control policies specified over DTDs with XPath expression for data-dependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that can be used by users for query formulation and optimization. Then we show an algorithm to materialize {"}authorized{"} version of the document from the view and an algorithm to construct the view from an access control specification. We also propose a number of generalizations for security policies 1. Copyright 2005 ACM.",

author = "G. Kuper and F. Massacci and N. Rassadko",

year = "2005",

doi = "10.1145/1063979.1063994",

language = "English",

series = "Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT",

pages = "77--84",

booktitle = "SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies",

note = "SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies ; Conference date: 01-06-2005 Through 03-06-2005",

}

Kuper, G, Massacci, F & Rassadko, N 2005, Generalized XML security views. in SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies. Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT, pp. 77-84, SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies, Sweden, 1/06/05. https://doi.org/10.1145/1063979.1063994

Generalized XML security views. / Kuper, G.; Massacci, F.; Rassadko, N.
SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies. 2005. p. 77-84 (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT).

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Generalized XML security views

AU - Kuper, G.

AU - Massacci, F.

AU - Rassadko, N.

PY - 2005

Y1 - 2005

N2 - We investigate a generalization of the notion of XML security view introduced by Stoica and Farkas [17] and later refined by Fan et al. [8]. The model consists of access control policies specified over DTDs with XPath expression for data-dependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that can be used by users for query formulation and optimization. Then we show an algorithm to materialize "authorized" version of the document from the view and an algorithm to construct the view from an access control specification. We also propose a number of generalizations for security policies 1. Copyright 2005 ACM.

AB - We investigate a generalization of the notion of XML security view introduced by Stoica and Farkas [17] and later refined by Fan et al. [8]. The model consists of access control policies specified over DTDs with XPath expression for data-dependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that can be used by users for query formulation and optimization. Then we show an algorithm to materialize "authorized" version of the document from the view and an algorithm to construct the view from an access control specification. We also propose a number of generalizations for security policies 1. Copyright 2005 ACM.

U2 - 10.1145/1063979.1063994

DO - 10.1145/1063979.1063994

M3 - Conference contribution

T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

SP - 77

EP - 84

BT - SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies

T2 - SACMAT 2005: Proceedings of 10th ACM Symposium on Access Control Models and Technologies

Y2 - 1 June 2005 through 3 June 2005

ER -

Generalized XML security views

Abstract

Publication series

Conference

Access to Document

Persistent URL (handle)

Fingerprint

Cite this