skip to main content
article

Relevancy-based access control and its evaluation on versioned XML documents

Published:01 February 2007Publication History
Skip Abstract Section

Abstract

Integration of version and access control of XML documents has the benefit of regulating access to rapidly growing archives of XML documents. Versioned XML documents provide us with valuable information on dependencies between document nodes, but, at the same time, presenting the risk of undesirable data disclosure. In this article, we introduce the notion of relevancy-based access control, which realizes protection of versioned XML documents by various types of relevancy, such as version dependencies, schema similarities, and temporal proximity. We define a new path query language XVerPath over XML document versions, which can be utilized for specifying relevancy-based access-control policies. We also introduce the notion of relevancy class, for collectively and compactly specifying relevancy-based policies. Regarding efficient processing of access requests, we propose the packed version model, which realizes space-efficient difference-based archives of versioned XML documents and, at the same time, providing efficient evaluation of XVerPath queries. Experimental results show reasonable performance superiority over conventional methods, which do not utilize version differences.

References

  1. Anutariya, C., Chatvichienchai, S., Iwaihara, M., Wuwongse, V., and Kambayashi, Y. 2003. A rule-based XML access control model. In Proc. 2nd Workshop on Rules and Rule Markup Languages for the Semantic Web. Springer Lecture Note in Computer Science 2876.Google ScholarGoogle Scholar
  2. Bertino, E., Bettini, C., Ferrari, E., and Samarat, P. 1996. A temporal access control mechanism for database systems. IEEE Trans. Knowl. Data Eng. 8, 1, 67--80. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. Bertino, E., Castano, S., Ferrari, E., and Mesiti, M. 2000. Specifying and enforcing access control policies for XML document sources. WWW Journal 3, 3, 139--151. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Bouganim, L., Ngoc, F. D., and Pucheral, P. 2004. Client-based access control management for XML documents. In Proc. of the 30th VLDB Conf. 84--95. Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. Chatvichienchai, S., Anutariya, C., Iwaihara, M., Wuwongse, V., and Kambayashi, Y. 2004. Towards integration of XML document access and version control. In Proc. Database and Expert Systems Applications (DEXA2004). Springer Lecture Note in Computer Science 3180, 791--800.Google ScholarGoogle ScholarCross RefCross Ref
  6. Chien, S. Y., Tsotras, V. J., and Zaniolo, C. 2001. Efficient management of multiversion documents by object referencing. In Proc. 27th VLDB Conf. 291--300. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. Damiani, E., di Vimercati, S. D. C., Paraboschi, S., and Samarati, P. 2002. A fine-grained access control system for XML documents. ACM Trans. Inf. Syst. Secur. 5, 2, 169--202. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. Gowadia, V. and Farkas, C. 2003. Rdf metadata for XML access control. In Proc. ACM Workshop on XML Security. 39--48. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. Iwaihara, M., Chatvichienchai, S., Anutariya, C., and Wuwongse, V. 2005. Relevancy based access control of versioned XML documents. In Proc. 10th ACM Symposium on Access Control Models and Technologies (SACMAT). 85--94. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. Kudo, M. and Hada, S. 2000. XML document security based on provisional authorization. In Proc. 7th ACM Conf. Computer and Communications Security. 87--96. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. Marian, A., Abiteboul, S., Cobna, G., and Mignet, L. 2001. Change-centric management of versions in an XML warehouse. In Proc. 27th VLDB Conf. 581--590. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. O'Neil, P. E., O'Neil, E. J., Pal, S., Cseri, I., Schaller, G., and Westbury, N. 2004. Ordpaths: Insert-friendly XML node labels. In Proc. ACM SIGMOD Conf. 903--908. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Tatarinov, I., Viglas, S., Beyer, K. S., Shanmugasundaram, J., Shekita, E. J., and Zhang, C. 2002. Storing and querying ordered XML using a relational database system. In Proc. ACM SIGMOD Conf. 204--215. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. W3C. 1999. XML path language (Xpath) version 1.0. In W3C Recommendation 16 November 1999, http://www.w3.org/TR/xpath.Google ScholarGoogle Scholar
  15. Wong, R. and Lam, N. 2002. Managing and querying multi-version XML data with update logging. In Proc. 2002 ACM Symposium on Document Engineering. 74--81. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. XACML. 2005. extensible access control markup language (XACML) version 2.0. In http://www.oasis-open.org/specs/index.php#xacmlv2.0.Google ScholarGoogle Scholar

Index Terms

  1. Relevancy-based access control and its evaluation on versioned XML documents

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!