Abstract
There is considerable amount of sensitive XML data stored in relational databases. It is a challenge to enforce node level fine-grained authorization policies for XML data stored in relational databases which typically support table and column level access control. Moreover, it is common to have conflicting authorization policies over the hierarchical nested structure of XML data. There are a couple of XML access control models for relational XML databases proposed in the literature. However, to our best knowledge, none of them discussed handling authorization conflicts with conditions in the domain of relational XML databases. Therefore, we believe that there is a need to define and incorporate effective fine-grained XML authorization models with conflict handling mechanisms in the presence of conditions into relational XML databases. We address this issue in this study.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Atay, M., & Lu, S. (2009). Storing and querying XML: an efficient approach using relational databases. ISBN 3639115813, VDM Verlag. Saarbrücken.
Lee, D., Lee, W., & Liu, P. (2003). Supporting XML security models using relational databases: a vision. In Lecture notein computer science (Vol. 2824, pp. 267–281). Berlin/Heidelberg: Springer.
Luo, B., Lee, D., Liu, P. (2007). Pragmatic XML access control using off-the-shelf RDBMS. In Proceedings of the 12th ESORISC (Dresden, September 24–26, 2007), (pp. 55–71).
Patel, J., & Atay, M. (2011). An efficient access control model for schema-based relational storage of XML documents. In Proceedings of the 49th ACM Southeast Conference, (Georgia, USA, March 2011), (pp. 97–102).
Tan, K.L., Lee, M.L., Wang, Y. (2001). Access control of XML documents in relational database systems. In Proceedings of the International Conference on Internet Computing (IC) (Las Vegas, NV, Jun. 2001), (pp. 185–191).
Kundu, A., & Bertino, E. (2008). A new model for secure dissemination of XML content. IEEE Transactions on Systems, Man, and Cybernetics, Part C, 38(3), 292–301.
Damiani, E., Vimercati, S., Paraboschi, S., & Samarati, P. (2002). A fine-grained access control system for XML documents. IEEE Transactions on Information and System Security (TISSEC), 5(2), 169–202.
Damiani, E., Fansi, M., Gabillon, & Marrara, S. (2008). A general approach to securely querying XML. Computer Standards and Interfaces, 30(6), 379–389.
Jo, S., & Chung, K. (2015). Design of access control system for telemedicine secure XML docs. Multimedia Tools and Applications, 74(7), 2257–2271.
Koromilas, L., Chinis, G., Fundulaki, I., & Ioannidis, S. (2009). Controlling access to XML documents over XML native and relational databases. Secure Data Management LNCS, 5776, 122–141.
Mahfoud, H., & Imine, A. (2012). Secure querying of recursive XML views: a standard XPath-based technique. Proceedings of the 21st International Conference on World Wide Web, pp. 575–576.
Mirabi, M., Ibrahim, H., Fathi, L., Udzir, N., & Mamat, A. (2011). An access control model for supporting XML document updating. Networked Digital Technologies., 136, 37–46.
Zhu, H., Lü, K., & Jin, R. (2009). A practical mandatory access control model for XML databases. Information Sciences, 179(8), 1116–1133.
Yoshikawa, M., Amagasa, T., Shimura, T., & Uemura, S. (2001). XRel: a path-based approach to storage and retrieval of XML docs. Using rel. databases. ACM Transaction on Internet Technology (TOIT), 1(2), 110–141.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Alwehaibi, A., Atay, M. (2018). A Rule-Based Relational XML Access Control Model in the Presence of Authorization Conflicts. In: Latifi, S. (eds) Information Technology - New Generations. Advances in Intelligent Systems and Computing, vol 558. Springer, Cham. https://doi.org/10.1007/978-3-319-54978-1_43
Download citation
DOI: https://doi.org/10.1007/978-3-319-54978-1_43
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-54977-4
Online ISBN: 978-3-319-54978-1
eBook Packages: EngineeringEngineering (R0)