Loading…
Static analysis of XML security views and query rewriting
In this paper, we revisit the view based security framework for XML without imposing any of the previously considered restrictions on the class of queries, the class of DTDs, and the type of annotations used to define the view. First, we study query rewriting with views when the classes used to defi...
Saved in:
Published in: | Information and computation 2014-11, Vol.238, p.2-29 |
---|---|
Main Authors: | , , , , |
Format: | Article |
Language: | English |
Subjects: | |
Citations: | Items that this one cites Items that cite this one |
Online Access: | Get full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | In this paper, we revisit the view based security framework for XML without imposing any of the previously considered restrictions on the class of queries, the class of DTDs, and the type of annotations used to define the view. First, we study query rewriting with views when the classes used to define queries and views are Regular XPath and MSO. Next, we investigate problems of static analysis of security access specifications (SAS): we introduce the novel class of interval-bounded SAS and we define three different manners to compare views (i.e. queries) from a security point of view. We provide a systematic study of the complexity for deciding these three comparisons, when the depth of the XML documents is bounded, when the document may have an arbitrary depth but the queries defining the views are restricted to guarantee the interval-bounded property, and in the general setting without restriction on queries and document. |
---|---|
ISSN: | 0890-5401 1090-2651 |
DOI: | 10.1016/j.ic.2014.07.003 |