Loading…

Static analysis of XML security views and query rewriting

In this paper, we revisit the view based security framework for XML without imposing any of the previously considered restrictions on the class of queries, the class of DTDs, and the type of annotations used to define the view. First, we study query rewriting with views when the classes used to defi...

Full description

Saved in:
Bibliographic Details
Published in:Information and computation 2014-11, Vol.238, p.2-29
Main Authors: Groz, Benoît, Staworko, Sławomir, Caron, Anne-Cecile, Roos, Yves, Tison, Sophie
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In this paper, we revisit the view based security framework for XML without imposing any of the previously considered restrictions on the class of queries, the class of DTDs, and the type of annotations used to define the view. First, we study query rewriting with views when the classes used to define queries and views are Regular XPath and MSO. Next, we investigate problems of static analysis of security access specifications (SAS): we introduce the novel class of interval-bounded SAS and we define three different manners to compare views (i.e. queries) from a security point of view. We provide a systematic study of the complexity for deciding these three comparisons, when the depth of the XML documents is bounded, when the document may have an arbitrary depth but the queries defining the views are restricted to guarantee the interval-bounded property, and in the general setting without restriction on queries and document.
ISSN:0890-5401
1090-2651
DOI:10.1016/j.ic.2014.07.003