Databases Reference
In-Depth Information
ible to the final user, while non accessible elements containing accessible ones
are renamed as AccessDenied elements [13].
As support for the proposal, experimental results are presented demonstrating
the efficiency gain due to static analysis with respect to the run-time
analysis proposed by other approaches.
Example 4. Consider the DTD and the XML document in Fig. 1 and suppose
that there are three user groups: BankEmployee, whose members are employees
of the bank in question; StatisticalAnalyst, whose members are bank employees
who compile statistics about clients and their operations; and Client, whose
members are people holding a bank account at the institute.
Consider a set of authorizations stating that the members of the
BankEmployee group can access the whole content of the account_operation
element, members of the StatisticalAnalyst group can access the content of
the account_operation element except the notes elements, and each client can
access the account_operation elements about their own bank account. Formally,
these authorizations can be expressed as follows.
group: BankEmployee, /account_operation, +read, recursive
group: StatisticalAnalyst, /account_operation, +read, recursive
group: StatisticalAnalyst, //notes, -read, recursive
group: Client, /account_operation[./@bankAccN=$userAcc], +read, recursive
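The views these four authorizations produce can be checked by evaluating them directly on a document. The sketch below is an added example, not code from the original text: it performs the run-time style of evaluation, not the static analysis discussed here. The sample document, the closed default policy and the rule that a denial wins on the same node are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample document; element names follow the page's example.
DOC = ('<account_operation bankAccN="0012">'
       '<request><date>2024-01-05</date><means>online</means>'
       '<notes>phone order</notes></request>'
       '<operation><type>transfer</type><amount>100</amount></operation>'
       '</account_operation>')

# (group, object path, sign) for the four recursive read authorizations above.
AUTHS = [
    ("BankEmployee", "/account_operation", "+"),
    ("StatisticalAnalyst", "/account_operation", "+"),
    ("StatisticalAnalyst", "//notes", "-"),
    ("Client", "/account_operation[./@bankAccN=$userAcc]", "+"),
]

def to_etree_path(path, user_acc):
    """Rewrite an authorization path into ElementTree's XPath subset."""
    if "$userAcc" in path:
        # Only alphanumeric values are substituted, so the predicate cannot be altered.
        if not (user_acc or "").isalnum():
            raise ValueError("invalid account number")
        path = path.replace("$userAcc", f"'{user_acc}'")
    return "." + path.replace("[./@", "[@")

def view(doc, group, user_acc=None):
    """Return the pruned tree a member of `group` may read, or None."""
    root = ET.fromstring(doc)
    holder = ET.Element("holder")  # synthetic parent so absolute paths resolve
    holder.append(root)
    explicit = {}
    for g, path, sign in AUTHS:
        if g == group:
            for el in holder.findall(to_etree_path(path, user_acc)):
                if explicit.get(el) != "-":  # assumption: denial wins on one node
                    explicit[el] = sign
    return _prune(root, "-", explicit)  # assumption: closed policy by default

def _prune(el, inherited, explicit):
    sign = explicit.get(el, inherited)  # recursive: children inherit the sign
    kids = [k for k in (_prune(c, sign, explicit) for c in el) if k is not None]
    if sign != "+" and not kids:
        return None
    out = ET.Element(el.tag, dict(el.attrib) if sign == "+" else {})
    out.text = el.text if sign == "+" else None
    out.extend(kids)
    return out

def tags(tree):
    return [] if tree is None else [e.tag for e in tree.iter()]
```

A StatisticalAnalyst view omits notes, and a Client view is empty unless the supplied account number matches the bankAccN attribute.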
We first define the schema automaton corresponding to the considered
DTD. It is first necessary to define two sets of symbols, representing elements
and attributes, respectively.
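$$\Sigma_E = \{\textit{account\_operation}, \textit{request}, \textit{operation}, \textit{date}, \textit{means}, \textit{notes}, \textit{type}, \textit{amount}, \textit{recipient}, \textit{value}\}$$
$$\Sigma_A = \{\textit{@bankAccN}, \textit{@Id}, \textit{@number}\}$$
Given $\Sigma_E$ and $\Sigma_A$, it is now possible to define the schema automaton $M_G$ as
follows.
$$\Omega = \Sigma_E \cup \Sigma_A$$
$$Q = \{q_{init}\} \cup \{\text{Account\_Operation}, \text{Request}, \text{Operation}, \text{Date}, \text{Means}, \text{Notes}, \text{Type}, \text{Amount}, \text{Recipient}, \text{Value}\} \cup \{q_{fin}\}$$
$$Q_{init} = \{q_{init}\}$$
$$Q_{fin} = \{q_{fin}\} \cup \{\text{Date}, \text{Means}, \text{Notes}, \text{Type}, \text{Amount}, \text{Recipient}, \text{Value}\}$$
$$\delta(q_{init}, \textit{account\_operation}) = \text{Account\_Operation}$$
$$\delta(\text{Account\_Operation}, \textit{request}) = \text{Request}$$
$$\delta(\text{Account\_Operation}, \textit{operation}) = \text{Operation}$$
$$\delta(\text{Request}, \textit{date}) = \text{Date}$$
$$\delta(\text{Request}, \textit{means}) = \text{Means}$$
$$\delta(\text{Request}, \textit{notes}) = \text{Notes}$$
$$\delta(\text{Operation}, \textit{type}) = \text{Type}$$
$$\delta(\text{Operation}, \textit{amount}) = \text{Amount};$$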
 