Fig 10 - uploaded by Arijit Sengupta
Content may be subject to copyright.
Source publication
XML is gaining predominance as the standard for data representation and exchange. Access con-trol for XML data is nontrivial as witnessed from the number of access control models presented in literature. Existing models provide the ability to extend access control to data as well as structure and enforce the specified access control via view materi...
Similar publications
As storage-main memory as well as disk-becomes cheaper, the amount of available information is increasing and it is a challenge to organize it. Our broader aim is to provide a unified framework for efficiently versioning and querying data, documents, as well as any kind of semi-structured information between data and documents, which can be stored...
Structured queries expressed in languages (such as SQL, SPARQL, or XQuery) offer a convenient and explicit way for users to express their information needs for a number of tasks. In this work, we present an approach to answer these directly over text data without storing results in a database. We specifically look at the case of knowledge bases whe...
This paper describes an algorithm for reformulation of XQuery queries. The mediation is based on an essential component called mediator. Its main role is to reformulate a user query, written in terms of global schema, into queries written in terms of source schemas. Our algorithm is based on the principle of logical equivalence, simple and complex...
In the relational model it has been shown that the flat relational algebra has the same expressive power as the nested relational algebra, as far as queries over flat relations and with flat results are concerned [11]. Hence, for each query that uses the nested relational model and that, with a flat table as input always has a flat table as output,...
This paper presents an expressive bidirectional XML transformation language and uses it to address the problem of updating XML data through materialized XQuery views. The transformations of this bidirectional language can be executed in two directions: in the forward direction, they generate materialized views from XML source, while in the backward...
Citations
... Based on the paper [5,6], we describe XML document according to DTD format. A department is an outer element that contains all elements of a document element. ...
As the Internet was activated and the mobile environment developed, it has become more common to access dynamic XML data regardless of location and time. XML is widely used for information exchange and representation of data for databases, applications, etc., using the advantage to describe information. As a result, large-capacity XML data becomes increasingly complex, and demand for data access policies is increasing. Security issues such as authorization of access to resources, authentication, security enhancement and privacy arise. The mobile computing environment differs from existing information systems in several ways, so it is difficult to apply the existing access control as it is. Therefore, this paper proposes a secure access policy method for query processing to enable efficient resource management in dynamic XML data environment. The results of the evaluation are also presented to show that the additionally proposed method is efficient and excellent.
... A complete discussion of SSX, SAS and query rewrite(SQR) in ACXESS is available at [3]. ...
We present ACXESS (Access Control for XML with Enhanced Security Specifications), a system for specifying and enforcing enhanced security constraints on XML via virtual "security views" and query rewrites. ACXESS is the first system that bears the capability to specify and enforce complicated security policies on both subtrees and structural relationships.
... Some systems that use the query rewriting technique create annotated schemas by using many attributes (Mohan, Sengupta et al. 2005;Mohan, Klinginsmith et al. 2006;Mohan, Sengupta et al. 2006;Damiani, Fansi et al. 2007;Mohan, Sengupta et al. 2007;Damiani, Fansi et al. 2008). The access attribute provides the 'allow' or 'deny' right to the subject to access the object. ...
... Rewriting the query can be done by using automation and except operator (Damiani, Fansi et al. 2007;Damiani, Fansi et al. 2008). Sometimes, primitives are used to reflect the security specification by using an algebraic language (Mohan, Sengupta et al. 2005;Mohan, Klinginsmith et al. 2006;Mohan, Sengupta et al. 2006;Mohan, Sengupta et al. 2007).These procedures are applied for read and write (insert, delete, update) privileges. Figure 4 shows all the steps in the query rewriting process. ...
... The access control can take into account both the nodes' values and nodes' relationships. A virtual security view can be used with query rewriting approaches (Mohan, Sengupta et al. 2005;Mohan, Klinginsmith et al. 2006;Mohan, Sengupta et al. 2006;Mohan, Sengupta et al. 2007) . ...
Cloud databases have been used in a spate of web-based applications in recent years owing to their capacity to store big data efficiently. In such a scenario, access control techniques implemented in relational databases are so modified as to suit cloud databases. The querying features of cloud databases are designed with facilities to retrieve encrypted data. The performance with respect to retrieval and security needs further improvements to ensure a secured retrieval process. In order to provide an efficient secured retrieval mechanism, a rule- and agent-based intelligent secured retrieval model has been proposed in this paper that analyzes the user, query and contents to be retrieved so as to effect rapid retrieval with decryption from the cloud databases. The major advantage of this retrieval model is in terms of its improved query response time and enhanced security of the storage and retrieval system. From the experiments conducted in this work, proposed model increased storage and access time and, in addition, intensified the security of the data stored in cloud databases.
Cloud databases have been used in a spate of web-based applications in recent years owing to their capacity to store big data efficiently. In such a scenario, access control techniques implemented in relational databases are so modified as to suit cloud databases. The querying features of cloud databases are designed with facilities to retrieve encrypted data. The performance with respect to retrieval and security needs further improvements to ensure a secured retrieval process. In order to provide an efficient secured retrieval mechanism, a rule- and agent-based intelligent secured retrieval model has been proposed in this paper that analyzes the user, query and contents to be retrieved so as to effect rapid retrieval with decryption from the cloud databases. The major advantage of this retrieval model is in terms of its improved query response time and enhanced security of the storage and retrieval system. From the experiments conducted in this work, proposed model increased storage and access time and, in addition, intensified the security of the data stored in cloud databases.
The existing access control has not taken information structures and semantics into full account due to the fundamental limitations of HTML. In addition, access control for XML documents allows only read operations, and there exists the problem of slowing down system performance due to the complex authorization evaluation process. In order to resolve this problem, this paper designs and builds a XACS (XML Access Control System) which is capable of making fined-grained access control. This provides data only corresponding to its users’ authority levels by authorizing them to access only the specific items of XML documents when they’re searching XML documents. In order to do this, the XACS eliminates certain parts of documents which are inaccessible and transmits parts accessible depending on its users’ authority levels. In addition since XML documents are used on the basis of normal web sites, it can be expanded to existing web servers. Ultimately, this paper suggests empirical application to verify the adequacy and the validity with the proposed method. Accordingly, the satisfaction and the quality of mechanism will be improved the XML document.
XML can supply the standard data type in information exchange format on a lot of data generated in running database or applied programs for a company by using the advantage that it can describe meaningful information directly. Accordingly since there are increasing needs for the efficient management and telemedicine security of the massive volume of XML data, it is necessary to develop a secure access control mechanism for XML. The existing access control has not taken information structures and semantics into full consideration due to the fundamental limitations of HTML. In addition, access control for XML documents allows read operations only, and there are problems of slowing down the system performance due to the complex authorization evaluation process. To resolve this problem, this paper designs and builds a XACS (XML Access Control System), which is capable of making fined-grained access control. This only provides data corresponding to its users’ authority levels by authorizing them to access only the specific items of XML documents when they are searching XML documents in telemedicine. To accomplish this, XACS eliminates certain parts of the documents that are inaccessible and transmits the parts accessible depending on the users’ authority levels. In addition, it can be expanded to existing web servers because XML documents are used based on the normal web sites. The telemedicine secure and the guidelines are provided to enable quick and precise understanding of the information, and thus the safety enhancement gets improved. Ultimately, this paper suggests an empirical telemedicine application to confirm the adequacy and validity using the proposed method.
The Zone Routing Protocol (ZRP) is a hybrid routing protocol that proactively maintains routes within a local region of the
network (which we refer to as the routing zone). Here, we describe the motivation of ZRP and its architecture also the query
control mechanisms, which are used to reduce the traffic amount in the route discovery procedure. In this paper, we address
the issue of configuring the ZRP to provide the best performance for a particular network, at any time. Through NS2 simulation,
we draw conclusions about the performance of the protocol.
KeywordsZone Routing Protocol–Routing zone–Query control mechanisms
The enormous amount of XML data growing on the Web raises several security issues that current XML standards do not address.
The most important security issue in such a distributed environment is the lack of efficient Access Control and authorization
for XML data currently. In this paper, we propose a generalized Role Based Access Control (RBAC) model called An Intelligent
Agent Based Temporal Action Status Access Control (IATASAC) model which uses temporal and action status constraints for efficient
access control. This model addresses certain shortcomings of RBAC model by the use of semi structured data; hence it is more
suitable for distributed web environment. Since the proposed model has been developed for XML data and needs smart decision,
it heavily relies on XPath and intelligent agents for effective querying and answering. The Experimental results show that
the proposed model performs well.
KeywordsIntelligent agent–Action status–XML–Ascribed status–Temporal constraints–Role Based Access Control
