Formalizing XML access control for update operations

Irini Fundulaki, Sebastian Maneth

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution


Several languages have been proposed over the past years which support the specification of access control on XML data. Most of these languages consider read-access restrictions only and do not deal with access rights for updates (such as add, delete, or modify operations). Fine-grain XML update operations are subject to current research. This paper proposes XACU, a language for specifying access control on XML data in the presence of update operations. The update operations used in XACU are based on the W3C XQuery Update Facility working draft. A formal access control model is defined which allows one to study properties of XACU access policies. One essential property is consistency: the policy should not allow the execution of a sequence of updates which has the same total effect as an update forbidden by the policy. Since XACU is a rich language with inherent ambiguities, checking consistency of a set of XACU rules is difficult, and undecidable in general.

Original language: English
Title of host publication: SACMAT 2007, 12th ACM Symposium on Access Control Models and Technologies, Sophia Antipolis, France, June 20-22, 2007, Proceedings
Number of pages: 6
ISBN (Electronic): 978-1-59593-745-2
Publication status: Published - 2007
