secure xml database access with views
play

Secure XML Database Access with Views SecReT09 Benoit Groz (joint - PowerPoint PPT Presentation

Jul 06, 2023 •195 likes •498 views

Secure XML Database Access with Views SecReT09 Benoit Groz (joint work with Anne-Ccile Caron,Yves Roos, Sawek Staworko, Sophie Tison) Mostrare 10 juillet 2009 B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views

  1. Secure XML Database Access with Views SecReT’09 Benoit Groz (joint work with Anne-Cécile Caron,Yves Roos, Sławek Staworko, Sophie Tison) Mostrare 10 juillet 2009 B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 1 / 19

  2. Securing databases with views Many ways to enforce access control for XML. Among others: Checking the queries: ◮ statically ⇒ may reject proper queries and access [Oasis project: XACML] ◮ dynamically ⇒ incurs costly runtime security check [Murata et al. CCS’03] B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 3 / 19

  3. Securing databases with views Many ways to enforce access control for XML. Among others: Checking the queries: ◮ statically ⇒ may reject proper queries and access [Oasis project: XACML] ◮ dynamically ⇒ incurs costly runtime security check [Murata et al. CCS’03] Annotating the data: ◮ annotating the data, or materializing the view ⇒ expensive maintenance [Damiani et al. EDBT’00, Cho et al. VLDB’02] ◮ annotating the DTD with Non-materialized view Rewriting queries from the view to the document [Fan et al. SIGMOD’04, Vercammen et al, Rassadko et al ... ] B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 3 / 19

  4. Outline Non-materialized views and query rewriting 1 Comparing Access Control Policies 2 B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 4 / 19

  5. Visibilium omnium... et invisibilium “Whoever wishes to keep a secret must hide the fact that he possesses one”. attributed to Johann Wolfgang von Goethe B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 5 / 19

  6. Overview Hidden part User part View derivation DTD D View Schema D v Annotation A (specifies hidden elements) Query Q document t Q’ Query rewriting Answer Answer to query Q = evaluation of Q ′ on the original document t B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 6 / 19

  7. Framework: XML XML document=tree. No data-values. <projects> <project> <name> projects </name> . . . project project </project> <project> name name stable license dev license . . . </project> src src bin doc free doc free </projects> B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 7 / 19

  8. RegularXPath We use Regular XPath queries Query q 1 = ⇓ ∗ / ⇓ :: doc n 0 document t projects Ans ( q 1 , t ) = { n 11 , n 14 } n 1 n 2 project project n 3 n 4 n 8 n 5 n 6 n 7 name name stable license dev license n 9 n 10 n 11 n 12 n 13 n 14 n 15 src src bin doc free doc free “get all documentations” B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 8 / 19

  9. RegularXPath We use Regular XPath queries Query q 2 = n 0 document t projects ⇓ :: project [ ⇓ :: stable ] / ⇓ :: name n 1 n 2 project project n 3 n 4 n 8 n 5 n 6 n 7 Ans ( q 2 , t ) = { n 3 } name name stable license dev license n 9 n 10 n 11 n 12 n 13 n 14 n 15 src src bin doc free doc free “get names of stable projects” B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 8 / 19

  10. Access control for XML projects document t project project project name name name stable license stable license dev license src src propr src bin doc free bin doc doc free We wish to hide: whether a project is stable or in-development the binaries the sources for non-free projects B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 9 / 19

  11. DTD and Annotation projects document t project project project name name name stable license stable license dev license src src propr src bin doc free bin doc doc free Example projects → project ∗ stable → src , bin , doc A 0 ( stable , src ) = [ ⇑ ∗ :: project / ⇓ ∗ :: free ] project → name , ( stable | dev ) , license A 0 ( project , stable ) = false A 0 ( stable , doc ) = true A 0 ( project , dev ) = false dev → src , doc A 0 ( dev , src ) = [ ⇑ ∗ :: project / ⇓ ∗ :: free ] license → free | propr A 0 ( dev , doc ) = true B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 9 / 19

  12. The security view projects document t project project project name name name stable license stable license dev license src src propr src bin doc free bin doc doc free projects View A ( t ) project project project name name name license doc license license src doc src doc propr free free B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 9 / 19

  13. Annotating the DTDs ⊲ annotation as a function A : Σ × Σ → { true , false , [ f ] } . Example projects → project ∗ stable → src , bin , doc A 0 ( stable , src ) = [ ⇑ ∗ :: project / ⇓ ∗ :: free ] project → name , ( stable | dev ) , license A 0 ( project , stable ) = false A 0 ( stable , doc ) = true A 0 ( project , dev ) = false dev → src , doc A 0 ( dev , src ) = [ ⇑ ∗ :: project / ⇓ ∗ :: free ] license → free | propr A 0 ( dev , doc ) = true B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 10 / 19

  14. Annotating the DTDs ⊲ annotation as a function A : Σ × Σ → { true , false , [ f ] } . Example projects → project ∗ stable → src , bin , doc A 0 ( stable , src ) = [ ⇑ ∗ :: project / ⇓ ∗ :: free ] project → name , ( stable | dev ) , license A 0 ( project , stable ) = false A 0 ( stable , doc ) = true A 0 ( project , dev ) = false dev → src , doc A 0 ( dev , src ) = [ ⇑ ∗ :: project / ⇓ ∗ :: free ] license → free | propr A 0 ( dev , doc ) = true Proposition This model of annotation is equivalent to defining accessible elements with a X Reg filter f A acc such that : = f A ∀ n ∈ N t . n accessible wrt. A ⇐ ⇒ ( t , n ) | acc B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 10 / 19

  15. Rewriting Queries Theorem: Regular XPath is closed under query rewriting There exists a function Rewrite such that : ∀ t . Ans ( Q , A ( t )) = Ans ( Rewrite ( Q , A ) , t ) Moreover, Rewrite ( Q , A ) is computable in time O ( | A |∗| Q | ) . B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 11 / 19

  16. Rewriting Queries Theorem: Regular XPath is closed under query rewriting There exists a function Rewrite such that : ∀ t . Ans ( Q , A ( t )) = Ans ( Rewrite ( Q , A ) , t ) Moreover, Rewrite ( Q , A ) is computable in time O ( | A |∗| Q | ) . Proof. Translate the base axes using f A acc : acc ]) ∗ / self [ f A Rewrite ( ⇑ , A ) = self [ f A acc ] / ( ⇑ [ ¬ f A acc ] . Rewrite the query inductively. B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 11 / 19

  17. Rewriting Queries Hidden part User part Q’=Rewrite( Q , A ) document t Query Q Answer projects document t project project project name name name stable license stable license dev license src src propr src bin doc free bin doc doc free B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 12 / 19

  18. Rewriting Queries Hidden part User part Q ′ = ⇓ :: project [ license / free ] / ⇓ :: ∗ / ⇓ :: src Q = ⇓ :: project / ⇓ :: src Q’=Rewrite( Q , A ) Query Q document t Answer projects document t project project project name name name stable license stable license dev license src src propr src bin doc free bin doc doc free B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 12 / 19

  19. Outline Non-materialized views and query rewriting 1 Comparing Access Control Policies 2 B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 13 / 19

  20. Comparing access control policies Definition Two annotations A 1 and A 2 over DTD D are equivalent iff they hide the same nodes: A 1 ≡ D A 2 iff ∀ t ∈ L ( D ) . A 1 ( t ) = A 2 ( t ) B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 14 / 19

  21. Comparing access control policies Definition Two annotations A 1 and A 2 over DTD D are equivalent iff they hide the same nodes: A 1 ≡ D A 2 iff ∀ t ∈ L ( D ) . A 1 ( t ) = A 2 ( t ) Proposition Testing equivalence of annotations is EXPTIME -complete. Proof. This problem is polynomially equivalent to the problem of equivalence of X Reg filters over a DTD. B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 14 / 19

  22. Comparing Access control policies Definition A 1 and A 2 annotations over DTD D . A 1 is 1 -restriction of A 2 in the presence of D , denoted A 1 � D 1 A 2 iff ∀ t ∈ L ( D ) . N A 1 ( t ) ⊆ N A 2 ( t ) Intuition: The simplest way for comparing two annotations: A 1 is more “restrictive” than A 2 if it shows no element hidden by A 2 . Proposition Testing 1-restriction is EXPTIME -complete. B. Groz, S. Staworko et al (Mostrare) Secure XML Database Access with Views 10 juillet 2009 15 / 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data

Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data

Secure and Efficient Access to Outsourced Data Secure and Efficient Access to Outsourced Data Weichao Wang, Zhiwei Li, Rodney Owens, Bharat Bhargava CCSW 2009: The ACM Cloud Computing Security Workshop 1 The Problem Providing secure and

414 views • 19 slides
Overview Database Security Semantic Integrity Controls Access Control Rules Multilevel

Overview Database Security Semantic Integrity Controls Access Control Rules Multilevel

Overview Database Security Semantic Integrity Controls Access Control Rules Multilevel Secure Databases RBAC in Commercial DBMS Statistical Database Security Simone Fischer-Hbner Applied Security, DAVC17 Relational Database

194 views • 6 slides
CS 61: Database Systems Access via programming languages Agenda 1. Direct database access 2.

CS 61: Database Systems Access via programming languages Agenda 1. Direct database access 2.

CS 61: Database Systems Access via programming languages Agenda 1. Direct database access 2. Web APIs 3. Node.js 2 Python can directly query the database Steps to access MySQL from Python 1. Install connector to MySQL: sudo pip install

578 views • 14 slides
Database Programming in SQL/O RACLE SQL-3 Standard/ORACLE 8: ER-Modeling Schema

Database Programming in SQL/O RACLE SQL-3 Standard/ORACLE 8: ER-Modeling Schema

Database Programming in SQL/ORACLE Database Programming in SQL/O RACLE SQL-3 Standard/ORACLE 8: ER-Modeling Schema Generation Queries Views Complex attributes, nested tables Database Optimization Access

1.6k views • 147 slides
Database Access via Programming Languages 5DV119 Introduction to Database Management Ume a

Database Access via Programming Languages 5DV119 Introduction to Database Management Ume a

Database Access via Programming Languages 5DV119 Introduction to Database Management Ume a University Department of Computing Science Stephen J. Hegner hegner@cs.umu.se http://www.cs.umu.se/~hegner Database Access via Programming

348 views • 20 slides
Database Utilities 10/17/2007 DC/Win Database Utilities Opening Database Utilities From File on

Database Utilities 10/17/2007 DC/Win Database Utilities Opening Database Utilities From File on

Database Utilities 10/17/2007 DC/Win Database Utilities Opening Database Utilities From File on the Menu Bar DC/Win Database Utilities Options Vary Depending on Database Two Types of Databases Sequel (SQL) Database Access Database

460 views • 6 slides
SQL: DDL, ICs, Updates and Views Module 3, Lecture 5 Database Management Systems, R.

SQL: DDL, ICs, Updates and Views Module 3, Lecture 5 Database Management Systems, R.

SQL: DDL, ICs, Updates and Views Module 3, Lecture 5 Database Management Systems, R. Ramakrishnan 1 SQL is More Than Just a Query Language Data-definition language (DDL): Create / destroy / alter relations and views . Define

650 views • 24 slides
This Lecture General Database Security Privileges Database Security Granting

This Lecture General Database Security Privileges Database Security Granting

This Lecture General Database Security Privileges Database Security Granting Revoking Views Database Systems SQL Insertion Attacks Michael Pound Further Reading The Manga Guide to Databases, Chapter 5 Database

285 views • 7 slides
Overview v After ER design, schema refinement, and the definition of views, we have the conceptual

Overview v After ER design, schema refinement, and the definition of views, we have the conceptual

Physical Database Design And Database Tuning Chapter 20 Database Management Systems, R. Ramakrishnan and J. Gehrke 1 Overview v After ER design, schema refinement, and the definition of views, we have the conceptual and external schemas for our

505 views • 11 slides
CS 61: Database Systems Intermediate SQL Adapted from Silberschatz, Korth, and Sundarshan unless

CS 61: Database Systems Intermediate SQL Adapted from Silberschatz, Korth, and Sundarshan unless

CS 61: Database Systems Intermediate SQL Adapted from Silberschatz, Korth, and Sundarshan unless otherwise noted Agenda 1. Views 2. Transactions 3. Integrity constraints 2 Views create virtual tables based on underlying database tables

295 views • 12 slides
Secure Database Commitments and Universal Arguments of Quasi Knowledge Melissa Chase (Microsoft

Secure Database Commitments and Universal Arguments of Quasi Knowledge Melissa Chase (Microsoft

Secure Database Commitments and Universal Arguments of Quasi Knowledge Melissa Chase (Microsoft Research) Ivan Visconti (University of Salerno) Size hiding protocols Traditional secure computation: All existing definitions and Parties

631 views • 22 slides
Ext xtranet 24/7 Client Access Benefits ..secure 24/7 web access to live matters or data

Ext xtranet 24/7 Client Access Benefits ..secure 24/7 web access to live matters or data

Ext xtranet 24/7 Client Access Benefits ..secure 24/7 web access to live matters or data rooms giving current progress and financial updates Information Management ..facilities for buyers/investors/managers to view relevant

2.34k views • 12 slides
Example: bank and its A TM mac hines. 4. Supp orts secure, atomic access to

Example: bank and its A TM mac hines. 4. Supp orts secure, atomic access to

What is a Database Managemen t System? 1. Manages v ery large amoun ts of data. 2. Supp orts ecien t access to v ery large amoun ts of data. 3. Supp orts concurren t access to v.l.a.d. Example: bank

393 views • 14 slides
Last time SQL Views IT420: Database Management and Organization Triggers and Stored

Last time SQL Views IT420: Database Management and Organization Triggers and Stored

Last time SQL Views IT420: Database Management and Organization Triggers and Stored Procedures (Chapter 7, 11) 1 Kroenke, Database Processing 2 Today Triggers Triggers Trigger: stored program that is executed by the DBMS

187 views • 5 slides
Databases CS111 Part 1 Part 2 Know what a database is. Learning how to use Microsoft Access , a

Databases CS111 Part 1 Part 2 Know what a database is. Learning how to use Microsoft Access , a

Databases CS111 Part 1 Part 2 Know what a database is. Learning how to use Microsoft Access , a database management system Understand why they are useful and when you might want to use one. - Create a database Have a basic understanding of

800 views • 37 slides
Setting DBMS must allow concurrent access to databases. Database Usage Imagine a bank

Setting DBMS must allow concurrent access to databases. Database Usage Imagine a bank

Setting DBMS must allow concurrent access to databases. Database Usage Imagine a bank where account information is (and Construction) stored in a database not allowing concurrent access. Then only one person could do a Transactions

475 views • 10 slides
A (partial) discussion of the Kitaev table Gian Michele Graf, ETH Zurich PhD School: September

A (partial) discussion of the Kitaev table Gian Michele Graf, ETH Zurich PhD School: September

A (partial) discussion of the Kitaev table Gian Michele Graf, ETH Zurich PhD School: September 16-20, 2019 @Universit` a degli Studi Roma Tre A (partial) discussion of the Kitaev table Gian Michele Graf, ETH Zurich PhD School: September

2.13k views • 124 slides
Energy Transition: How Fast? Philippe Roos AOGC 2019 | 25 June 2019 2 The Energy Transition

Energy Transition: How Fast? Philippe Roos AOGC 2019 | 25 June 2019 2 The Energy Transition

Energy Transition: How Fast? Philippe Roos AOGC 2019 | 25 June 2019 2 The Energy Transition Fact 0: Climate change is real and manmade Fact 1: The energy transition is happening Fact 2: It is only starting Prediction: 100%

267 views • 12 slides
Master Symmetry and Wilson Loops in AdS/CFT Florian Loebbert Humboldt University Berlin

Master Symmetry and Wilson Loops in AdS/CFT Florian Loebbert Humboldt University Berlin

Master Symmetry and Wilson Loops in AdS/CFT Florian Loebbert Humboldt University Berlin Phys.Rev. D94 (2016), arXiv: 1606.04104 Nucl.Phys. B916 (2017), arXiv: 1610.01161 with Thomas Klose and Hagen Mnkler Integrability in Gauge and String

1.01k views • 29 slides
Spatial Branch-and-Cut for QCQP with Complex Bounded Variables Chen Chen Alper Atamt urk

Spatial Branch-and-Cut for QCQP with Complex Bounded Variables Chen Chen Alper Atamt urk

Spatial Branch-and-Cut for QCQP with Complex Bounded Variables Chen Chen Alper Atamt urk Shmuel S. Oren January 4, 2016 Aussois 2016 SBC for QCQP 1 Introduction (Nonconvex) Complex Bounded QCQP Why Complex? Spatial Branch-and-Cut

479 views • 27 slides
Stellar Dynamical Processes Steinn Sigurdsson Penn State 18 Nov 2002 MBHCoal 02 Hard

Stellar Dynamical Processes Steinn Sigurdsson Penn State 18 Nov 2002 MBHCoal 02 Hard

Stellar Dynamical Processes Steinn Sigurdsson Penn State 18 Nov 2002 MBHCoal 02 Hard Binaries Problem of transiting from the dynamical friction dominated regime to the gravitational radiation dominated regime

455 views • 22 slides
Reasoning about Knowledge in Distributed Systems Using Datalog Matteo Interlandi University of

Reasoning about Knowledge in Distributed Systems Using Datalog Matteo Interlandi University of

DB Group @ unimo Reasoning about Knowledge in Distributed Systems Using Datalog Matteo Interlandi University of Modena and Reggio Emilia Datalog 2.0 Workshop - 11 September 2012, Wien DB Group @ unimo Motivations Preamble The Knowledge

500 views • 34 slides
CS 365 Programming Language Concepts Introduction Jan 13, 2014 Are programming languages

CS 365 Programming Language Concepts Introduction Jan 13, 2014 Are programming languages

CS 365 Programming Language Concepts Introduction Jan 13, 2014 Are programming languages languages? In some universities, the systems used [to program computers] (BASIC, PASCAL, LISP, etc), metaphorically referred to as programming

447 views • 5 slides
Edges and Triangles Po-Shen Loh Carnegie Mellon University Joint work with Jacob Fox Edges in

Edges and Triangles Po-Shen Loh Carnegie Mellon University Joint work with Jacob Fox Edges in

Edges and Triangles Po-Shen Loh Carnegie Mellon University Joint work with Jacob Fox Edges in triangles Observation There are graphs with the property that every edge is contained in a triangle, but no edge is in more than one triangle.

678 views • 37 slides

More recommend