5 research outputs found

    A general approach to securely querying XML

    Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user views on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML dataset. The aim of this paper is to describe a model combining the advantages of these approaches and overcoming their limitations. The model specification is given using a Finite State Automaton, ensuring generality and ease of standardization w.r.t. specific implementation techniques.

    A general approach to securely querying XML

    XML access control requires the enforcement of highly expressive access control policies to support schema-, document- and object-specific protection requirements. Access control models for XML data can be classified in two major categories: node filtering and query rewriting systems. The first category includes approaches that use access policies to compute secure user views on XML data sets. User queries are then evaluated on those views. In the second category of approaches, authorization rules are used to transform user queries to be evaluated against the original XML data set. The pros and cons of these approaches have been widely discussed in the framework of XML access control standardization activities. The aim of this paper is to describe a model combining the advantages of these approaches and overcoming their limitations, suitable as the basis of a standard technique for XML access control enforcement. The model specification is given using a Finite State Automaton, ensuring generality w.r.t. specific implementation techniques.

    A General Approach for Securely Querying and Updating XML Data

    Over the past years several works have proposed access control models for XML data where only read-access rights over non-recursive DTDs are considered. Few works have studied the access rights for updates. In this paper, we present a general model for specifying access control on XML data in the presence of the update operations of the W3C XQuery Update Facility. Our approach for enforcing such update specifications is based on the notion of query rewriting, where each update operation defined over an arbitrary DTD (recursive or not) is rewritten to a safe one in order to be evaluated only over XML data which can be updated by the user. In the second part of this report we investigate the security of XML updating in the presence of read-access rights specified by security views. For an XML document, a security view represents for each class of users all and only the parts of the document these users are able to see. We show that an update operation defined over a security view can cause disclosure of sensitive data hidden by this view if it is not thoroughly rewritten with respect to both read and update access rights. Finally, we propose a security-view-based approach for securely updating XML in order to preserve the confidentiality and integrity of XML data. Comment: No. RR-7870 (2012

    Implementing Multi Agent Systems (MAS)-based trust and reputation in smart IoT environments : A thesis submitted in partial fulfilment of the requirements for the Degree of Doctor of Philosophy at Lincoln University

    The Internet of Things (IoT) provides advanced services by interconnecting a huge number of heterogeneous smart things (virtual or physical devices) through existing interoperable information and communication technologies. As IoT devices become more intelligent, they will have the ability to communicate and cooperate with each other. In doing so, an enormous amount of sensitive data will flow within the network, such as credit card information, medical data, factory details, pictures and videos. With sensitive data flowing through the network, privacy becomes one of the most important issues facing IoT. Studies of data sensitivity and privacy indicate the importance of evaluating the trustworthiness of IoT participants to maximize the satisfaction and the performance of IoT applications. It is also important to maintain successful collaboration between the devices deployed in the network and ensure all devices operate in a trustworthy manner. This research aims to determine: How to select the best service provider in an IoT environment based on the trustworthiness and the reputation of the service provider? To achieve this, we proposed an IoT agent-based decentralized trust and reputation model, IoT-CADM (Comprehensive Agent-based Decision-making Model for IoT), to select the best service providers for a particular service based on multi-context quality of services. IoT-CADM, as a novel trust and reputation model, is developed for the smart multi-agent IoT environment to gather information from entities and score them using a new trust and reputation scoring mechanism. IoT-CADM aims to ensure that the service consumers are serviced by the best service providers in the IoT environment, which in turn maximizes the service consumers’ satisfaction, which leads the IoT entities to operate and make decisions on behalf of their owners in a trustworthy manner.
To evaluate the performance of the proposed model against some other well-known models like ReGreT, SIoT, and R-D-C, we implemented a scenario based on the SIPOC Supply Chain approach developed using an agent development framework called JADE. This research used the TOPSIS approach to compare and rank the performance of these models based on different parameters that have been chosen carefully for fair comparison. The TOPSIS result confirmed that the proposed IoT-CADM has the highest performance. In addition, the model can be tuned via its parameter weights to adapt to varying scenarios in honest and dishonest agents’ environments.