A Rule-Based Relational XML Access Control Model in the Presence of Authorization Conflicts

Alwehaibi, Ali; Atay, Mustafa

doi:10.1007/978-3-319-54978-1_43

Ali Alwehaibi¹⁵ &
Mustafa Atay¹⁶

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 558))

3158 Accesses
1 Altmetric

Abstract

There is considerable amount of sensitive XML data stored in relational databases. It is a challenge to enforce node level fine-grained authorization policies for XML data stored in relational databases which typically support table and column level access control. Moreover, it is common to have conflicting authorization policies over the hierarchical nested structure of XML data. There are a couple of XML access control models for relational XML databases proposed in the literature. However, to our best knowledge, none of them discussed handling authorization conflicts with conditions in the domain of relational XML databases. Therefore, we believe that there is a need to define and incorporate effective fine-grained XML authorization models with conflict handling mechanisms in the presence of conditions into relational XML databases. We address this issue in this study.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Hardcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Atay, M., & Lu, S. (2009). Storing and querying XML: an efficient approach using relational databases. ISBN 3639115813, VDM Verlag. Saarbrücken.
Google Scholar
Lee, D., Lee, W., & Liu, P. (2003). Supporting XML security models using relational databases: a vision. In Lecture notein computer science (Vol. 2824, pp. 267–281). Berlin/Heidelberg: Springer.
Google Scholar
Luo, B., Lee, D., Liu, P. (2007). Pragmatic XML access control using off-the-shelf RDBMS. In Proceedings of the 12th ESORISC (Dresden, September 24–26, 2007), (pp. 55–71).
Google Scholar
Patel, J., & Atay, M. (2011). An efficient access control model for schema-based relational storage of XML documents. In Proceedings of the 49th ACM Southeast Conference, (Georgia, USA, March 2011), (pp. 97–102).
Google Scholar
Tan, K.L., Lee, M.L., Wang, Y. (2001). Access control of XML documents in relational database systems. In Proceedings of the International Conference on Internet Computing (IC) (Las Vegas, NV, Jun. 2001), (pp. 185–191).
Google Scholar
Kundu, A., & Bertino, E. (2008). A new model for secure dissemination of XML content. IEEE Transactions on Systems, Man, and Cybernetics, Part C, 38(3), 292–301.
Article Google Scholar
Damiani, E., Vimercati, S., Paraboschi, S., & Samarati, P. (2002). A fine-grained access control system for XML documents. IEEE Transactions on Information and System Security (TISSEC), 5(2), 169–202.
Article Google Scholar
Damiani, E., Fansi, M., Gabillon, & Marrara, S. (2008). A general approach to securely querying XML. Computer Standards and Interfaces, 30(6), 379–389.
Article Google Scholar
Jo, S., & Chung, K. (2015). Design of access control system for telemedicine secure XML docs. Multimedia Tools and Applications, 74(7), 2257–2271.
Article Google Scholar
Koromilas, L., Chinis, G., Fundulaki, I., & Ioannidis, S. (2009). Controlling access to XML documents over XML native and relational databases. Secure Data Management LNCS, 5776, 122–141.
Article Google Scholar
Mahfoud, H., & Imine, A. (2012). Secure querying of recursive XML views: a standard XPath-based technique. Proceedings of the 21st International Conference on World Wide Web, pp. 575–576.
Google Scholar
Mirabi, M., Ibrahim, H., Fathi, L., Udzir, N., & Mamat, A. (2011). An access control model for supporting XML document updating. Networked Digital Technologies., 136, 37–46.
Article Google Scholar
Zhu, H., Lü, K., & Jin, R. (2009). A practical mandatory access control model for XML databases. Information Sciences, 179(8), 1116–1133.
Article Google Scholar
Yoshikawa, M., Amagasa, T., Shimura, T., & Uemura, S. (2001). XRel: a path-based approach to storage and retrieval of XML docs. Using rel. databases. ACM Transaction on Internet Technology (TOIT), 1(2), 110–141.
Article Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computational Science, NC A&T State University, Greensboro, NC, 27405, USA
Ali Alwehaibi
Department of Computer Science, Winston-Salem State University, Winston-Salem, NC, 27110, USA
Mustafa Atay

Authors

Ali Alwehaibi
View author publications
You can also search for this author in PubMed Google Scholar
Mustafa Atay
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mustafa Atay .

Editor information

Editors and Affiliations

Department of Electrical and Computer Engineering, University of Nevada, Las Vegas, Nevada, USA
Shahram Latifi

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Alwehaibi, A., Atay, M. (2018). A Rule-Based Relational XML Access Control Model in the Presence of Authorization Conflicts. In: Latifi, S. (eds) Information Technology - New Generations. Advances in Intelligent Systems and Computing, vol 558. Springer, Cham. https://doi.org/10.1007/978-3-319-54978-1_43

Download citation

DOI: https://doi.org/10.1007/978-3-319-54978-1_43
Published: 18 July 2017
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-54977-4
Online ISBN: 978-3-319-54978-1
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics