Static analysis of XML security views and query rewriting

Static analysis of XML security views and query rewriting

In this paper, we revisit the view based security framework for XML without imposing any of the previously considered restrictions on the class of queries, the class of DTDs, and the type of annotations used to define the view. First, we study query rewriting with views when the classes used to defi...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Information and computation 2014-11, Vol.238, p.2-29
Hauptverfasser: Groz, Benoît, Staworko, Sławomir, Caron, Anne-Cecile, Roos, Yves, Tison, Sophie
Format: Artikel
Sprache:eng
Schlagworte:
Computer Science
Determinacy
Formal Languages and Automata Theory
Query rewriting
Security views
XML
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:In this paper, we revisit the view based security framework for XML without imposing any of the previously considered restrictions on the class of queries, the class of DTDs, and the type of annotations used to define the view. First, we study query rewriting with views when the classes used to define queries and views are Regular XPath and MSO. Next, we investigate problems of static analysis of security access specifications (SAS): we introduce the novel class of interval-bounded SAS and we define three different manners to compare views (i.e. queries) from a security point of view. We provide a systematic study of the complexity for deciding these three comparisons, when the depth of the XML documents is bounded, when the document may have an arbitrary depth but the queries defining the views are restricted to guarantee the interval-bounded property, and in the general setting without restriction on queries and document.
ISSN:0890-5401
1090-2651
DOI:10.1016/j.ic.2014.07.003