Download Access Control on XML Data

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
Document related concepts

Microsoft SQL Server wikipedia , lookup

Extensible Storage Engine wikipedia , lookup

Open Database Connectivity wikipedia , lookup

Entity–attribute–value model wikipedia , lookup

Microsoft Access wikipedia , lookup

Concurrency control wikipedia , lookup

Database wikipedia , lookup

Relational model wikipedia , lookup

Functional Database Model wikipedia , lookup

Microsoft Jet Database Engine wikipedia , lookup

Versant Object Database wikipedia , lookup

Clusterpoint wikipedia , lookup

Database model wikipedia , lookup

Transcript 
Access Control on XML Data
By Narges Fazelidoust & Maryam Masoudian
Professor : Dr. Jalili
Fall 1393
Outline
•
•
•
•
•
Introduction
XML Database
Access Control Models
Query Rewriting
Conclusion
1/9
Introduction
XML Database
Protecting XML Data
Introduction
•
•
•
•
Rapid growth of the WWW
Increasing amount of data
Self-describing format
Solution:
XML
Access Control Models
Query Rewriting
Conclusion
2/9
Introduction
XML Database
Introduction
Protecting XML Data
Access Control Models
Query Rewriting
Conclusion
3/9
Introduction
XML Database
Protecting XML Data
Access Control Models
Query Rewriting
XML Database
• XML-enabled databases (XED)
Unacceptable
Hybrid XML Performance
Database
MySQL and PostgreSQL
Conclusion
4/9
• native XML databases (NXD)
(IBM DB2 and Oracle)
BaseX, Sedna, eXist-db
Introduction
XML Database
Protecting XML Data
Access Control Models
Protecting XML Data
• GOAL
read query
returns only data allowed to access
update query
makes changes only data allowed to update
Query Rewriting
Conclusion
5/9
Introduction
XML Database
Protecting XML Data
Access Control Models
Protecting XML Data
• security approaches of relational databases
cannot be easily adapted for XML databases
1. Schema less
2. Node relationship
3. Hierarchical structure
Query Rewriting
Conclusion
6/9
Introduction
XML Database
Protecting XML Data
Access Control Models
Access Control Models
scalable solution in huge data, an
Annotation & labeling
important number of users, and
dynamic policies
efficient
manners specifies the subject
permission
live only the time user connected
to specify,
enforce,
andto execute the action
is (not)
allowed
(possibly)
exchange
on the
object access
nodes rights
Conclusion
7/9
Query
Rewriting
Virtual
group of users with a
View
Materialized provide each
materialized view of all and
View during
enforce
policies
evaluation of
XPath
only accessible data
Based users requests
live for a long time
access
policy
is
defined
as a set of XPath
Instance
expressions
Based
requests are rewritten w.r.t the
when
the XML
dataare
and/or
policies
areorchanged,
annotation
repeat
for
everyaccess
user,
every
action
aHTML
user format
underlying
access
policies
Virtual
views
often
provided
in
text
grants/denies
access
to
the entire
resource
lack of XML
support
for authorized
users
to
access
the
data
all
users
views
should
be
changed
takes,
and
each
time
the
policy
or
the
data
are
changed
(email//author[name$=name],Read,+)
Query Answering?!
ACL, SAML, OAuth, XACL, XACML
Traditional
Standard
Query Rewriting
Introduction
XML Database
Protecting XML Data
Access Control Models
Query Rewriting
Query Rewriting
• XML document T, schema D, security view S, virtual view Tv
Conclusion
8/9
Introduction
XML Database
Protecting XML Data
Query Rewriting
• rewriting algorithms
• query language used
• class of queries supported
• type of the schema considered
• type of the read-access policies
• The rewriting manner
Access Control Models
Query Rewriting
Conclusion
9/9
[1]. Oasis extensible access control markup language (xacml) tc. https://www.oasisopen.org/committees/tc_home.php?wg_abbrev=xacml. Version 3.0, January 3013.
[2]. Maggie Duong and Yanchun Zhang. An integrated access control for securely
querying and updating xml data. In Proceedings of the Nineteenth Australasian
Database Conference (ADC), volume 75 of CRPIT, pages 7583. Australian Computer
Society, 2008.
[3]. Mahfoud, Houari. Contrôle d’Acces Efficace pour des Données XML: problemes
d’interrogation et de mise-a-jour. Diss. Université de Lorraine, 2014.
[4]. Irini Fundulaki and Sebastian Maneth. Formalizing xml access control for update
operations. In SACMAT, pages 169174. ACM, 2007.
[5]. Anisoara Nica. Incremental maintenance of materialized views with outerjoins.
Inf. Syst., 37(5):430-442, 2012.
[6]. Benoît Groz, Slawomir Staworko, Anne-Cécile Caron, Yves Roos, and Sophie Tison.
Xml security views revisited. In Database Programming Languages - DBPL 2009,12th
International Symposium, volume 5708 of Lecture Notes in Computer Science, pages
52-67. Springer, 2009.
[7]. Manogna Thimma, Tsam Kai Tsui, and Bo Luo. Hyxac: a hybrid approach for xml
access control. In 18th ACM Symposium on Access Control Models and Technologies
(SACMAT). ACM, 2013.
Introduction
XML Database
Protecting XML Data
Access Control Models
Thanks
Thanks
Query Rewriting
Conclusion
Related documents
Asilomar What about Xquery?
Asilomar What about Xquery?
XDWE: A prototype to establish XML as a Native Data Source in
XDWE: A prototype to establish XML as a Native Data Source in
Process Support Tools and Formalism Exploration
Process Support Tools and Formalism Exploration
database COS 597D: Principles of
database COS 597D: Principles of
Slides - UF CISE
Slides - UF CISE
slides - Jiaheng Lu
slides - Jiaheng Lu
XML Parsing Using JAXP
XML Parsing Using JAXP
xml
xml
Software development technologies
Software development technologies
bcXML, an XML Vocabulary for Building and Construction
bcXML, an XML Vocabulary for Building and Construction
Programme Specification
Programme Specification
DYNAMIC NET DATA: THEORY AND EXPERIMENT
DYNAMIC NET DATA: THEORY AND EXPERIMENT
Introduction to XML
Introduction to XML
My Current DB Projects and General Database Trends
My Current DB Projects and General Database Trends
MSword - Jim Gray
MSword - Jim Gray