Abstract
In this paper, we ask whether XML access control can be supported when the underlying (XML or relational) storage system does not provide adequate security features, and we propose three alternative solutions: primitive, pre-processing, and post-processing. For that scenario, we advocate in particular a scalable and effective pre-processing approach, called QFilter. QFilter is based on non-deterministic finite automata (NFA) and rewrites users' queries such that the parts violating access control rules are pruned before the query reaches the storage system. Through analysis and experimental validation, we show that (1) QFilter guarantees that only the permissible portion of the data is returned to authorized users, (2) such access control can be enforced efficiently without relying on the security features of the underlying storage system, and (3) this independence makes QFilter applicable to many emerging applications, such as in-network access control and access control outsourcing.
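The abstract describes rewriting a user's XPath query against access control rules encoded as an NFA so that the impermissible parts are pruned before the query is forwarded to the store. The following is an added illustration written for this page, not the authors' QFilter implementation, and it is deliberately narrower than the paper: it supports only accept rules over a restricted XPath subset (absolute paths, child and descendant axes, element names and *; no predicates, no deny rules), it assumes a rule grants exactly the nodes its path selects, and it represents each rule and the query as a linear NFA whose descendant steps become self-loops. Rewriting then enumerates the simple paths of the product automaton, which yields XPath expressions covering exactly the permitted part of the query. The policy and element names (site/people/person/name, borrowed from the XMark layout [48]) are constructed for the example.

```python
# Added illustration for this page (not the authors' QFilter code): NFA-style
# pre-pruning of an XPath query against accept-only access control rules.
# Supported XPath subset: absolute paths, child "/" and descendant "//"
# axes, element names and "*".  Predicates and deny rules are out of scope.
import re
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Step:
    axis: str   # "/" (child) or "//" (descendant)
    label: str  # element name or "*"

_LABEL = re.compile(r"\*|[A-Za-z_][\w.\-]*")

def parse_path(path: str) -> List[Step]:
    """Split an absolute XPath of the supported subset into steps."""
    if not path.startswith("/"):
        raise ValueError(f"only absolute paths are supported: {path!r}")
    steps: List[Step] = []
    i = 0
    while i < len(path):
        axis = "//" if path.startswith("//", i) else "/"
        i += len(axis)
        j = i
        while j < len(path) and path[j] != "/":
            j += 1
        label = path[i:j]
        if not _LABEL.fullmatch(label):
            raise ValueError(f"unsupported step {label!r} in {path!r}")
        steps.append(Step(axis, label))
        i = j
    return steps

def _loops(steps: List[Step], k: int) -> bool:
    """State k of a path's linear NFA has a self-loop iff step k+1 is a
    descendant step ("//x" = any number of elements, then x)."""
    return k < len(steps) and steps[k].axis == "//"

def _unify(a: str, b: str) -> Optional[str]:
    """Most specific label accepted by both step labels, or None if disjoint."""
    if a == b or b == "*":
        return a
    if a == "*":
        return b
    return None

def rewrite_against_rule(query: List[Step], rule: List[Step]) -> List[str]:
    """Enumerate XPaths whose union is exactly L(query) ∩ L(rule).

    Walks the product of the two linear NFAs: state (i, j) means the rule
    automaton is at state i and the query automaton at state j.  Both
    indices only grow, so the only cycles are self-loops; a self-loop is
    emitted as "//" before the next step, and every simple path from (0, 0)
    to (len(rule), len(query)) is one rewritten query."""
    n, m = len(rule), len(query)
    found: List[str] = []

    def walk(i: int, j: int, out: List[str]) -> None:
        if i == n and j == m:
            found.append("".join(out))
            return
        axis = "//" if _loops(rule, i) and _loops(query, j) else "/"
        if i < n and j < m:                      # both advance on one element
            lab = _unify(rule[i].label, query[j].label)
            if lab is not None:
                walk(i + 1, j + 1, out + [axis + lab])
        if _loops(rule, i) and j < m:            # rule's "//" absorbs a query step
            walk(i, j + 1, out + [axis + query[j].label])
        if _loops(query, j) and i < n:           # query's "//" absorbs a rule step
            walk(i + 1, j, out + [axis + rule[i].label])

    walk(0, 0, [])
    return found

def rewrite(query: str, accept_rules: List[str]) -> List[str]:
    """Rewrite a user query into the paths some accept rule permits.

    The result replaces the original query on its way to the storage
    system; an empty list means nothing is permissible and the query must
    be rejected rather than forwarded."""
    q = parse_path(query)
    pruned = set()
    for r in accept_rules:
        pruned.update(rewrite_against_rule(q, parse_path(r)))
    return sorted(pruned)

if __name__ == "__main__":
    # Constructed policy over an XMark-shaped document: the role may read
    # person names under /site/people and item names anywhere under regions.
    RULES = ["/site/people/person/name", "/site/regions//item/name"]
    for q in ["//name", "/site/people//name", "/site/*/person/name",
              "/site/people/person/creditcard", "/site/regions//item"]:
        print(f"{q:32} -> {rewrite(q, RULES) or 'REJECT'}")
```

The storage system only ever sees the output of rewrite, so it needs no access control of its own: a query such as //name becomes the two rule-conforming paths, /site/people//name is narrowed to /site/people/person/name, and a query that touches nothing permissible (creditcard, or the whole item subtree when only item/name is granted) comes back empty and is rejected before it is sent. Deny rules, predicates and subtree-granting rules need the fuller construction of the paper and are not handled here.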
References
Ayyagari, P., Mitra, P., Lee, D., Liu, P., Lee, W.C.: Incremental adaptation of XPath access control views. In: ASIACCS '07: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security, pp. 105–116 (2007)
Berglund, A., Boag, S., Chamberlin, D., Fernández, M.F., Kay, M., Robie, J., Siméon, J.: XML Path Language (XPath) 2.0. W3C Working Draft (2003). http://www.w3.org/TR/xpath20
Bertino, E., Castano, S., Ferrari, E.: Securing XML documents with Author-X. IEEE Internet Comput. 5(3), 21–31 (2001)
Bertino, E., Ferrari, E.: Secure and selective dissemination of XML documents. ACM Trans. Inf. Syst. Secur. (TISSEC) 5(3), 290–331 (2002)
Boag, S., Chamberlin, D., Fernández, M.F., Florescu, D., Robie, J., Siméon, J.: XQuery 1.0: An XML Query Language. W3C Working Draft (2003). http://www.w3.org/TR/xquery
Bouganim, L., Ngoc, F.D., Pucheral, P.: Client-based access control management for XML documents. In: VLDB, Toronto, Canada (2004)
Bravo, L., Cheney, J., Fundulaki, I.: ACCOn: checking consistency of XML write-access control policies. In: Proceedings of the 11th International Conference on Extending Database Technology (EDBT), pp. 715–719 (2008)
Bray, T., Paoli, J., Sperberg-McQueen, C.M., Maler, E., Yergeau, F.: Extensible Markup Language (XML) 1.0, 5th edn. W3C Recommendation (2008)
Cho, S., Amer-Yahia, S., Lakshmanan, L.V., Srivastava, D.: Optimizing the secure evaluation of twig queries. In: VLDB, Hong Kong, China (2002)
Choi, B.: What are real DTDs like? In: WebDB (2002)
Cuppens, F., Cuppens-Boulahia, N., Sans, T.: Protection of relationships in XML documents with the XML-BB model. In: First International Conference on Information Systems Security (ICISS), pp. 148–163 (2005)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: A fine-grained access control system for XML documents. ACM Trans. Inf. Syst. Secur. (TISSEC) 5(2), 169–202 (2002)
Damiani, E., Fansi, M., Gabillon, A., Marrara, S.: Securely updating XML. In: Knowledge-Based Intelligent Information and Engineering Systems, 11th International Conference (KES), pp. 1098–1106 (2007)
Damiani, E., Fansi, M., Gabillon, A., Marrara, S.: A general approach to securely querying XML. Comput. Stand. Interfaces 30(6), 379–389 (2008)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Securing XML documents. In: 7th International Conference on Extending Database Technology (EDBT), pp. 121–135 (2000)
Damiani, E., De Capitani di Vimercati, S., Paraboschi, S., Samarati, P.: Design and implementation of an access control processor for XML documents. Comput. Netw. 33(6), 59–75 (2000)
Diao, Y., Franklin, M.J.: High-performance XML filtering: an overview of YFilter. IEEE Data Eng. Bull. (2003)
Fan, W., Chan, C.Y., Garofalakis, M.: Secure XML querying with security views. In: SIGMOD '04: Proceedings of the 2004 ACM SIGMOD International Conference on Management of Data, pp. 587–598. ACM Press, New York (2004). http://doi.acm.org/10.1145/1007568.1007634
Fernandez, E., Gudes, E., Song, H.: A model of evaluation and administration of security in object-oriented databases. IEEE Trans. Knowl. Data Eng. (TKDE) 6(2), 275–292 (1994)
Finance, B., Medjdoub, S., Pucheral, P.: The case for access control on XML relationships. In: 14th ACM International Conference on Information and Knowledge Management (CIKM), pp. 107–114 (2005)
Fundulaki, I., Maneth, S.: Formalizing XML access control for update operations. In: 12th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 169–174 (2007)
Fundulaki, I., Marx, M.: Specifying access control policies for XML documents with XPath. In: Ninth ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 61–69 (2004)
Gabillon, A.: An authorization model for XML databases. In: 2004 Workshop on Secure Web Services (SWS), pp. 16–28 (2004)
Gabillon, A., Bruno, E.: Regulating access to XML documents. In: DAS '01: Proceedings of the Fifteenth Annual Working Conference on Database and Application Security, pp. 299–314. Kluwer Academic Publishers, Norwell (2002)
Godik, S., Moses, T. (eds.): eXtensible Access Control Markup Language (XACML) Version 1.0. OASIS Specification Set (2003). http://www.oasis-open.org/committees/xacml/repository/
Hopcroft, J.E., Motwani, R., Ullman, J.D.: Introduction to Automata Theory, Languages, and Computation. Addison-Wesley, Reading (2007)
Jiang, M., Fu, A.W.C.: Integration and efficient lookup of compressed XML accessibility maps. IEEE Trans. Knowl. Data Eng. (TKDE) 17(7), 939–953 (2005)
Kudo, M., Hada, S.: XML document security based on provisional authorization. In: ACM Conference on Computer and Communications Security (CCS) (2000)
Kuper, G., Massacci, F., Rassadko, N.: Generalized XML security views. In: Tenth ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 77–84 (2005)
Kuper, G., Massacci, F., Rassadko, N.: Generalized XML security views. Int. J. Inf. Secur. 8(3), 173–203 (2009)
Lee, D., Lee, W.C., Liu, P.: Supporting XML security models using relational databases: a vision. In: XML Database Symposium (XSym), Berlin, Germany (2003)
Lee, J.G., Whang, K.Y., Han, W.S., Song, I.Y.: The dynamic predicate: integrating access control with query processing in XML databases. VLDB J. 16(3), 371–387 (2007)
Li, F., Luo, B., Liu, P., Lee, D., Mitra, P., Lee, W.C., Chu, C.H.: In-broker access control: towards efficient end-to-end performance of information brokerage systems. In: IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (SUTC), pp. 252–259 (2006)
Luo, B., Lee, D., Liu, P.: Pragmatic XML access control using off-the-shelf RDBMS. In: 12th European Symposium on Research in Computer Security (ESORICS), Dresden, Germany (2007)
Luo, B., Lee, D., Lee, W.C., Liu, P.: QFilter: fine-grained run-time XML access control via NFA-based query rewriting. In: ACM CIKM, Washington (2004)
Luo, B., Lee, D., Lee, W.C., Liu, P.: Deep set operators for XQuery. In: Second International Workshop on XQuery Implementation, Experience and Perspectives (XIME-P), Baltimore (2005)
Mealy, G.H.: A method for synthesizing sequential circuits. Bell Syst. Tech. J. 34, 1045–1079 (1955)
Mella, G., Ferrari, E., Bertino, E., Koglin, Y.: Controlled and cooperative updates of XML documents in Byzantine and failure-prone distributed systems. ACM Trans. Inf. Syst. Secur. (TISSEC) 9(4), 421–460 (2006)
Mohan, S., Klinginsmith, J., Sengupta, A., Wu, Y.: ACXESS: access control for XML with enhanced security specifications. In: 22nd International Conference on Data Engineering (ICDE), p. 171 (2006)
Mohan, S., Sengupta, A., Wu, Y.: Access control for XML: a dynamic query rewriting approach. In: 14th ACM International Conference on Information and Knowledge Management (CIKM), pp. 251–252 (2005)
Murata, M., Tozawa, A., Kudo, M.: XML access control using static analysis. In: ACM Conference on Computer and Communications Security (CCS), Washington (2003)
Murata, M., Tozawa, A., Kudo, M., Hada, S.: XML access control using static analysis. ACM Trans. Inf. Syst. Secur. (TISSEC) 9(3), 292–324 (2006)
Qi, N., Kudo, M.: Access-condition-table-driven access control for XML databases. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS, Lecture Notes in Computer Science, vol. 3193, pp. 17–32. Springer (2004)
Qi, N., Kudo, M.: XML access control with policy matching tree. In: ESORICS 2005, 10th European Symposium on Research in Computer Security, pp. 3–23 (2005)
Qi, N., Kudo, M., Myllymaki, J., Pirahesh, H.: A function-based access control model for XML databases. In: 14th ACM International Conference on Information and Knowledge Management (CIKM), pp. 115–122 (2005)
Rabitti, F., Bertino, E., Kim, W., Woelk, D.: A model of authorization for next-generation database systems. ACM Trans. Database Syst. (TODS) 16(1), 89–131 (1991)
Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-based access control models. IEEE Comput. 29(2), 38–47 (1996)
Schmidt, A.R., Waas, F., Kersten, M.L., Florescu, D., Manolescu, I., Carey, M.J., Busse, R.: The XML Benchmark Project. Tech. Rep. INS-R0103, CWI (2001)
Siméon, J., Fernández, M.: Galax v0.3.5 (2004). http://db.bell-labs.com/galax/
Stoica, A., Farkas, C.: Secure XML views. In: Gudes, E., Shenoi, S. (eds.) DBSec, IFIP Conference Proceedings, vol. 256, pp. 133–146. Kluwer (2002)
De Capitani di Vimercati, S., Marrara, S., Samarati, P.: An access control model for querying XML data. In: Workshop on Secure Web Services (SWS), pp. 36–42 (2005)
Xiao, Y., Luo, B., Lee, D.: Security-conscious XML indexing. In: International Conference on Database Systems for Advanced Applications (DASFAA), Bangkok, Thailand (2007)
Yu, T., Srivastava, D., Lakshmanan, L.V., Jagadish, H.V.: Compressed accessibility map: efficient access control for XML. In: VLDB, Hong Kong, China (2002)
Zhang, H., Zhang, N., Salem, K., Zhuo, D.: Compact access control labeling for efficient secure XML query evaluation. Data Knowl. Eng. 60(2), 326–344 (2007)
Additional information
This paper is extended from the earlier conference version [35].
Cite this article
Luo, B., Lee, D., Lee, W.C. et al. QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata. The VLDB Journal 20, 397–415 (2011). https://doi.org/10.1007/s00778-010-0202-x