Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Microsoft SQL Server wikipedia , lookup
Extensible Storage Engine wikipedia , lookup
Open Database Connectivity wikipedia , lookup
Entity–attribute–value model wikipedia , lookup
Microsoft Access wikipedia , lookup
Concurrency control wikipedia , lookup
Relational model wikipedia , lookup
Functional Database Model wikipedia , lookup
Microsoft Jet Database Engine wikipedia , lookup
Versant Object Database wikipedia , lookup
Access Control on XML Data By Narges Fazelidoust & Maryam Masoudian Professor : Dr. Jalili Fall 1393 Outline • • • • • Introduction XML Database Access Control Models Query Rewriting Conclusion 1/9 Introduction XML Database Protecting XML Data Introduction • • • • Rapid growth of the WWW Increasing amount of data Self-describing format Solution: XML Access Control Models Query Rewriting Conclusion 2/9 Introduction XML Database Introduction Protecting XML Data Access Control Models Query Rewriting Conclusion 3/9 Introduction XML Database Protecting XML Data Access Control Models Query Rewriting XML Database • XML-enabled databases (XED) Unacceptable Hybrid XML Performance Database MySQL and PostgreSQL Conclusion 4/9 • native XML databases (NXD) (IBM DB2 and Oracle) BaseX, Sedna, eXist-db Introduction XML Database Protecting XML Data Access Control Models Protecting XML Data • GOAL read query returns only data allowed to access update query makes changes only data allowed to update Query Rewriting Conclusion 5/9 Introduction XML Database Protecting XML Data Access Control Models Protecting XML Data • security approaches of relational databases cannot be easily adapted for XML databases 1. Schema less 2. Node relationship 3. Hierarchical structure Query Rewriting Conclusion 6/9 Introduction XML Database Protecting XML Data Access Control Models Access Control Models scalable solution in huge data, an Annotation & labeling important number of users, and dynamic policies efficient manners specifies the subject permission live only the time user connected to specify, enforce, andto execute the action is (not) allowed (possibly) exchange on the object access nodes rights Conclusion 7/9 Query Rewriting Virtual group of users with a View Materialized provide each materialized view of all and View during enforce policies evaluation of XPath only accessible data Based users requests live for a long time access policy is defined as a set of XPath Instance expressions Based requests are rewritten w.r.t the when the XML dataare and/or policies areorchanged, annotation repeat for everyaccess user, every action aHTML user format underlying access policies Virtual views often provided in text grants/denies access to the entire resource lack of XML support for authorized users to access the data all users views should be changed takes, and each time the policy or the data are changed (email//author[name$=name],Read,+) Query Answering?! ACL, SAML, OAuth, XACL, XACML Traditional Standard Query Rewriting Introduction XML Database Protecting XML Data Access Control Models Query Rewriting Query Rewriting • XML document T, schema D, security view S, virtual view Tv Conclusion 8/9 Introduction XML Database Protecting XML Data Query Rewriting • rewriting algorithms • query language used • class of queries supported • type of the schema considered • type of the read-access policies • The rewriting manner Access Control Models Query Rewriting Conclusion 9/9 [1]. Oasis extensible access control markup language (xacml) tc. https://www.oasisopen.org/committees/tc_home.php?wg_abbrev=xacml. Version 3.0, January 3013. [2]. Maggie Duong and Yanchun Zhang. An integrated access control for securely querying and updating xml data. In Proceedings of the Nineteenth Australasian Database Conference (ADC), volume 75 of CRPIT, pages 7583. Australian Computer Society, 2008. [3]. Mahfoud, Houari. Contrôle d’Acces Efficace pour des Données XML: problemes d’interrogation et de mise-a-jour. Diss. Université de Lorraine, 2014. [4]. Irini Fundulaki and Sebastian Maneth. Formalizing xml access control for update operations. In SACMAT, pages 169174. ACM, 2007. [5]. Anisoara Nica. Incremental maintenance of materialized views with outerjoins. Inf. Syst., 37(5):430-442, 2012. [6]. Benoît Groz, Slawomir Staworko, Anne-Cécile Caron, Yves Roos, and Sophie Tison. Xml security views revisited. In Database Programming Languages - DBPL 2009,12th International Symposium, volume 5708 of Lecture Notes in Computer Science, pages 52-67. Springer, 2009. [7]. Manogna Thimma, Tsam Kai Tsui, and Bo Luo. Hyxac: a hybrid approach for xml access control. In 18th ACM Symposium on Access Control Models and Technologies (SACMAT). ACM, 2013. Introduction XML Database Protecting XML Data Access Control Models Thanks Thanks Query Rewriting Conclusion