Detecting information leakage in updating XML documents of fine-grained access control

Somchai Chatvichienchai, Mizuho Iwaihara

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

To provide fine-grained access control to data in an XML document, XML access control policy is defined based on the contents and structure of the document. In this paper, we discuss confidential information leakage problem caused by unsecure-update that modifies contents or structures of the document referred by the access control policy. In order to solve this problem, we propose an algorithm that computes update constraints of a user on some data in the document under access control policy of the user. We also propose an algorithm that decides whether a given update request of a user against an XML document is an unsecure-update under the user's access control policy.

Original languageEnglish
Title of host publicationDatabase and Expert Systems Applications - 17th International Conference, DEXA 2006, Proceedings
PublisherSpringer Verlag
Pages286-296
Number of pages11
ISBN (Print)3540378715, 9783540378716
Publication statusPublished - 2006 Jan 1
Event17th International Conference on Database and Expert Systems Applications, DEXA 2006 - Krakow, Poland
Duration: 2006 Sep 42006 Sep 8

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4080 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference17th International Conference on Database and Expert Systems Applications, DEXA 2006
CountryPoland
CityKrakow
Period06/9/406/9/8

    Fingerprint

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Chatvichienchai, S., & Iwaihara, M. (2006). Detecting information leakage in updating XML documents of fine-grained access control. In Database and Expert Systems Applications - 17th International Conference, DEXA 2006, Proceedings (pp. 286-296). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4080 LNCS). Springer Verlag.