A Security Model for XML

Project Details

Key findings

The project has produced an array of results
for effectively preventing inappropriate disclosure of sensitive
and confidential information of XML data, without incurring
any drastic degradation in either performance or functionality
for the underlying XML query-execution engine. The key findings
include the following.
(1) An access control model for XML data stored in either its native
format or in relational databases. The model supports (a) an expressive
language for specifying access-control policies, (b) a novel notion
of security views characterising all and only the information that
a user group is authorised to access, (c) techniques for deriving
security views from access control policies for XML data, and
(d) a novel form of transducers for generating security views from
XML data stored in relations.
(2) Query rewriting and optimisation algorithms for enforcing XML
security without extra costs of materialising and maintaining views.
The algorithms support XPath, a widely used XML query language,
for XML data stored in its native format or in relations.
(3) Effective techniques for supporting updates to XML data
via security views, for XML data stored in its native format
or in relations.
(4) Fundamental results and techniques for reasoning about
the validity and consistency of access control specifications for
XML data.
(5) A functional prototype system, SMOQE, for providing
access control for XML data.
The results were reported in 18 publications in journals
and international database conferences, including top-ranked
computer science journals (J. ACM, SICOMP, TODS) and
first-tier database conferences (SIGMOD, PODS, VLDB, ICDE).
The system was demonstrated at VLDB 2006, a leading all-around
international database conference.
StatusFinished
Effective start/end date1/07/0530/06/08

Funding

  • EPSRC: £309,596.00

Fingerprint

Explore the research topics touched on by this project. These labels are generated based on the underlying awards/grants. Together they form a unique fingerprint.
  • A Cost-Based Model and Effective Heuristic for Repairing Constraints by Value Modification

    Bohannon, P., Flaster, M., Fan, W. & Rastogi, R., 2005, Proceedings of the ACM SIGMOD International Conference on Management of Data, Baltimore, Maryland, USA, June 14-16, 2005. ACM, p. 143-154 12 p.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

  • Information Preserving XML Schema Embedding

    Bohannon, P., Fan, W., Flaster, M. & Narayan, P. P. S., 2005, Proceedings of the 31st International Conference on Very Large Data Bases, Trondheim, Norway, August 30 - September 2, 2005. p. 85-96 12 p.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

  • Query Translation from XPath to SQL in the Presence of Recursive DTDs

    Fan, W., Yu, J. X., Lu, H., Lu, J. & Rastogi, R., 2005, Proceedings of the 31st International Conference on Very Large Data Bases, Trondheim, Norway, August 30 - September 2, 2005. p. 337-348 12 p.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution