SQS: A SECURE XML QUERYING SYSTEM

Wei Li, Cindy Chen

2008

Abstract

Contemporary XML database querying systems have to deal with a rapidly growing amount of data and a large number of users. As a consequence, if access control is used to protect sensitive XML data at a fine-grained level, it is inefficient when it comes to query evaluation, since it is difficult to enforce access control on each node in an XML document when the user’s view needs to be computed. We design and develop a secure XML querying system, namely SQS, where caching is used to store query results and security information. Depending on whether there is a cache hit, user queries are rewritten into secure system queries that are executed either on the cached query results or on the original XML document. We propose a new cache replacement policy LSL, which updates the cache based on the security level of each entry. We also demonstrate the performance of the system.

References

  1. Bertino, E., Castano, S., Ferrari, E., and Mesiti, M. (2000). Specifying and enforcing access control policies for XML document sources. World Wide Web Journal.
  2. Cho, S., Amer-Yahia, S., Lakshmanan, L., and Srivastava, D. (2002). Optimizing the secure evaluation of twig queries. In Proceedings of the 28th VLDB Conference.
  3. Damiani, E., di Vimercati, S. D. C., Paraboschi, S., and Samarati, P. (2002). A fine-grained access control system for XML documents. ACM TISSEC.
  4. Fan, W., Chan, C., and Garofalakis, M. (2004). Secure XML quering with security views. In Proceedings of ACM SIGMOD.
  5. Gabillon, A., Munier, M., Bascou, J. J., Gallon, L., and Bruno, E. (2002). An access control model for tree data structures. In 5th Information Security Conference.
  6. Mandhani, B. and Suciu, D. (2005). Query caching and view selection for XML databases. In Proceedings of the 31th VLDB Conference.
  7. Yu, T., Srivastava, D., Lakshmanan, L., and Jagadish, H. (2002). Compressed accessibility map: Efficient access control for XML. In Proceedings of the 28th VLDB Conference.
Download


Paper Citation


in Harvard Style

Li W. and Chen C. (2008). SQS: A SECURE XML QUERYING SYSTEM . In Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 1: ICEIS, ISBN 978-989-8111-36-4, pages 413-416. DOI: 10.5220/0001677304130416


in Bibtex Style

@conference{iceis08,
author={Wei Li and Cindy Chen},
title={SQS: A SECURE XML QUERYING SYSTEM},
booktitle={Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 1: ICEIS,},
year={2008},
pages={413-416},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001677304130416},
isbn={978-989-8111-36-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Tenth International Conference on Enterprise Information Systems - Volume 1: ICEIS,
TI - SQS: A SECURE XML QUERYING SYSTEM
SN - 978-989-8111-36-4
AU - Li W.
AU - Chen C.
PY - 2008
SP - 413
EP - 416
DO - 10.5220/0001677304130416