Last generated: Thu Mar 1 10:53:14 2012 EST.
The L3 Project:
As the "secure" distribution and sharing of information
over the World Wide Web becomes increasingly important, the needs
for flexible and efficient support of access control systems
naturally arise. Since the eXtensible Markup Language (XML)
is emerging as the format of the Internet era for storing and
exchanging information, there have been, recently, many proposals
to extend the XML model to incorporate security aspects.
To the lesser or greater extent, however, such proposals neglect
the fact that the data for XML documents will most likely reside in
relational databases, and consequently do not utilize various
security models proposed for and implemented in relational
databases.
In this project, named as L3 ("L-cube")
from the lastnames of three participating
faculties, we take a rather different approach. We explore how to
support security models for XML documents by leveraging on
techniques developed for relational databases. More specifically,
in our approach, - Users make XML queries against the
given XML view/schema,
- Access controls for XML data are also
specified in the XML model, but
- Data are stored in
relational databases, and
- Security check and query
evaluation are also done in relational databases.
Instead of re-inventing wheels, we take two representative
methods in both XML security model and XML to relational
conversion problems, and show how to glue them together in a
seamless manner to efficiently support access controls for
the XML model using relational databases.
Our overall approach is illustrated in the following figure:
- QFilter: Rewriting
Insecure XML Queries to Secure Ones using Non-Deterministic Finite
Automata, Bo Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu, In
VLDB J., Vol. 20, No. 3, page 397-415, June 2011
- Automaton
Segmentation: A New Approach to Preserve Privacy in XML Information
Brokering, Fengjun Li, Bo Luo, Peng Liu, Dongwon Lee, Chao-Hsien
Chu, In 14th ACM Conf. on Computer and Communication Security
(CCS), Alexandria, VA, USA, October 2007 Acceptance Rate: 18% (55/303)
- Pragmatic XML
Access Control using Off-the-shelf RDBMS, Bo Luo, Dongwon Lee,
Peng Liu, In 12th European Symposium On Research In Computer Security
(ESORICS), Dresden, Germany, September 2007 Acceptance Rate: 23% (39/164)
- Security-Conscious
XML Indexing, Yan Xiao, Bo Luo, Dongwon Lee, In 12th Int'l
Conf. on Database Systems for Advanced Applications (DASFAA),
page 949-954, Bangkok, Thailand, April 2007 Acceptance Rate: 29.6% (111/375)
- Incremental
Adaptation of XPath Access Control Views, Padmapriya Ayyagari,
Prasenjit Mitra, Dongwon Lee, Peng Liu, Wang-Chien Lee, In ACM
Symp. on Information, Computer and Communications Security
(ASIACCS), page 105-116, Singapore, March 2007
Acceptance Rate: 18%
- In-broker Access
Control: Towards Efficient End-to-End Performance of Information
Brokerage Systems, Fengjun Li, Bo Luo, Peng Liu, Dongwon Lee,
Prasenjit Mitra, Wang-Chien Lee, Chao-Hsien Chu, In IEEE Int'l
Conf. on Sensor Networks, Ubiquitous, and Trustworthy Computing
(SUTC), Taichung, Taiwan, June 2006 Acceptance Rate: 25% (50/210)
- Deep Set Operators
for XQuery, Bo Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu, In
ACM SIGMOD Workshop on XQuery Implementation, Experience and
Perspectives (XIME-P), Baltimore, MD, USA, June 2005
- QFilter: Fine-Grained
Run-Time XML Access Control via NFA-based Query Rewriting, Bo Luo,
Dongwon Lee, Wang-Chien Lee, Peng Liu, In 13th ACM Int'l Conf. on
Information and Knowledge Management (CIKM), Washington DC, USA,
November 2004 Acceptance Rate: 19% (60/303)
- A Flexible Framework
for Architecting XML Access Control Enforcement Mechanisms, Bo
Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu, In VLDB Workshop on
Secure Data Management in a Connected World (SDM), Toronto,
Canada, August 2004 Acceptance Rate: 53% (15/28)
- Supporting XML
Security Models using Relational
Databases: A Vision, Dongwon Lee, Wang-Chien Lee, Peng Liu, In XML Database Symposium (XSym), Berlin, Germany, September 2003 Acceptance Rate: 27% (18/65)
|
