TY - GEN
T1 - Pragmatic XML access control using off-the-shelf RDBMS
AU - Luo, Bo
AU - Lee, Dongwon
AU - Liu, Peng
PY - 2007
Y1 - 2007
N2 - As the XML model gets more popular, new needs arise to specify access control within XML model. Various XML access control models and enforcement methods have been proposed recently. However, by and large, these approaches either assume the support of security features from XML databases or use proprietary tools outside of databases. Since there are currently few commercial XML databases with such capabilities, the proposed approaches are not yet practical. Therefore, we explore the problem of "Is is possible to fully support XML access control in RDBMS?" We formalize XML and relational access control models using deep set operators. Then we show that the problem of XML AC atop RDBMS is amount to the problem of converting XML deep set operators into equivalent relational deep set operators. We show the conversion algebra and identify the properties to ensure the correct conversion. Finally, we present three practical implementations of XML access controls using off-the-shelf RDBMS and their performance results.
AB - As the XML model gets more popular, new needs arise to specify access control within XML model. Various XML access control models and enforcement methods have been proposed recently. However, by and large, these approaches either assume the support of security features from XML databases or use proprietary tools outside of databases. Since there are currently few commercial XML databases with such capabilities, the proposed approaches are not yet practical. Therefore, we explore the problem of "Is is possible to fully support XML access control in RDBMS?" We formalize XML and relational access control models using deep set operators. Then we show that the problem of XML AC atop RDBMS is amount to the problem of converting XML deep set operators into equivalent relational deep set operators. We show the conversion algebra and identify the properties to ensure the correct conversion. Finally, we present three practical implementations of XML access controls using off-the-shelf RDBMS and their performance results.
UR - http://www.scopus.com/inward/record.url?scp=38049064508&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=38049064508&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-74835-9_5
DO - 10.1007/978-3-540-74835-9_5
M3 - Conference contribution
AN - SCOPUS:38049064508
SN - 9783540748342
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 55
EP - 71
BT - Computer Security - ESORICS 2007 - 12th European Symposium on Research in Computer Security, Proceedings
PB - Springer Verlag
T2 - 12th European Symposium on Research in Computer Security, ESORICS 2007
Y2 - 24 September 2007 through 26 September 2007
ER -