7,457 research outputs found

    XML Security Views Revisited

    In this paper, we revisit the view based security framework for XML without imposing any of the previously considered restrictions on the class of queries, the class of DTDs, and the type of annotations used to define the view. First, we show that the full class of Regular XPath queries is closed under query rewriting. Next, we address the problem of constructing a DTD that describes the view schema, which in general need not be regular. We propose three different methods of approximating the view schema and we show that the produced DTDs are indistinguishable from the exact schema (with queries from a class specific for each method). Finally, we investigate problems of static analysis of security access specifications

    A General Approach for Securely Querying and Updating XML Data

    Over the past years several works have proposed access control models for XML data where only read-access rights over non-recursive DTDs are considered. A few works have studied the access rights for updates. In this paper, we present a general model for specifying access control on XML data in the presence of update operations of the W3C XQuery Update Facility. Our approach for enforcing such update specifications is based on the notion of query rewriting, where each update operation defined over an arbitrary DTD (recursive or not) is rewritten to a safe one in order to be evaluated only over XML data which can be updated by the user. We investigate in the second part of this report the security of XML updating in the presence of read-access rights specified by security views. For an XML document, a security view represents for each class of users all and only the parts of the document these users are able to see. We show that an update operation defined over a security view can cause disclosure of sensitive data hidden by this view if it is not thoroughly rewritten with respect to both read and update access rights. Finally, we propose a security view based approach for securely updating XML in order to preserve the confidentiality and integrity of XML data. Comment: No. RR-7870 (2012

    Secure Querying of Recursive XML Views: A Standard XPath-based Technique

    Most state-of-the-art approaches for securing XML documents allow users to access data only through authorized views defined by annotating an XML grammar (e.g. DTD) with a collection of XPath expressions. To prevent improper disclosure of confidential information, user queries posed on these views need to be rewritten into equivalent queries on the underlying documents. This rewriting enables us to avoid the overhead of view materialization and maintenance. A major concern here is that query rewriting for recursive XML views is still an open problem. To overcome this problem, some works have been proposed to translate XPath queries into non-standard ones, called Regular XPath queries. However, query rewriting under Regular XPath can be of exponential size as it relies on an automaton model. Most importantly, Regular XPath remains a theoretical achievement. Indeed, it is not commonly used in practice as translation and evaluation tools are not available. In this paper, we show that query rewriting is always possible for recursive XML views using only the expressive power of the standard XPath. We investigate the extension of the downward class of XPath, composed only of child and descendant axes, with some axes and operators and we propose a general approach to rewrite queries under recursive XML views. Unlike Regular XPath-based works, we provide a rewriting algorithm which processes the query only over the annotated DTD grammar and which can run in linear time in the size of the query. An experimental evaluation demonstrates that our algorithm is efficient and scales well. Comment: (2011

    XRound: A reversible template language and its application in model-based security analysis

    Successful analysis of the models used in Model-Driven Development requires the ability to synthesise the results of analysis and automatically integrate these results with the models themselves. This paper presents a reversible template language called XRound which supports round-trip transformations between models and the logic used to encode system properties. A template processor that supports the language is described, and the use of the template language is illustrated by its application in an analysis workbench, designed to support analysis of security properties of UML and MOF-based models. As a result of using reversible templates, it is possible to seamlessly and automatically integrate the results of a security analysis with a model. (C) 2008 Elsevier B.V. All rights reserved

    A 3D immersive discrete event simulator for enabling prototyping of factory layouts

    There is an increasing need to eliminate wasted time and money during factory layout design and subsequent construction. It is presently difficult for engineers to foresee if a certain layout is optimal for work and material flows. By exploiting modelling, simulation and visualisation techniques, this paper presents a tool concept called immersive WITNESS that combines the modelling strengths of Discrete Event Simulation (DES) with the 3D visualisation strengths of recent 3D low cost gaming technology to enable decision makers to make informed design choices for future factory layouts. The tool enables engineers to receive immediate feedback on their design choices. Our results show that this tool has the potential to reduce rework as well as the associated costs of making physical prototypes

    Troubling Signs for South African Democracy under the ANC

    Thirteen years ago, South Africa underwent a peaceful transition from white minority rule to majority rule. Today, the country is a stable multiparty democracy. It has the largest and the most sophisticated economy in Africa, which generates almost 40 percent of all the wealth produced on the African continent south of the Sahara. The African National Congress government, which came to power in 1994, deserves credit for stabilizing the economy and returning it to a steady, albeit slow, growth path. The ANC's democratic record is less impressive. The government has transformed the state-owned South African Broadcasting Corporation into an ANC propaganda machine that has banned some of the government's most prominent critics from appearing on it. The culture of political correctness stifles public debate over the direction of South Africa's economic and social policies. Those who dare to criticize the government are often labeled as racist. Moreover, the ANC is considering new laws that would undermine judicial independence. It is increasingly apparent that the ANC wishes to dominate the social and institutional life of South Africa in the same way that it dominates the country's political life. Fortunately, the ANC continues to put great value on its international reputation and tends to be hypersensitive to international criticism. When the government does not act in accordance with the spirit of liberal democracy, members of international civil society groups, the diplomatic corps, and the business community should voice their concern. Constructive criticism could change the ANC's behavior and positively influence political developments in South Africa

    Publication of XML documents without Information Leakage with data inference

    Recent applications are using an increasing need that publishing XML documents should meet precise security requirements. In this paper, we are considering data publishing applications where the publisher specifies what information is more sensitive and should be protected from outside world users. We show that if a given document is published carelessly then users can use common knowledge to guess any information. The goal here is to protect such information in the presence of data inference with common knowledge. The most important feature of XML formatting is that it allows for adding schema declarations with integrity constraints to instance data and allows composing individual pieces of data in a tree-like fashion in which a link from a parent node to a sub tree carries some ontological information about the relationship between individual pieces of data. This system works as an inference problem in XML documents consisting of potentially secret and important information. Our work gives a solution for this problem by providing the control mechanism for enforcing inference usability of XML documents. The output of our work is again an XML document that is under their inference capabilities, which neither contains nor implies any confidential information and is indistinguishable from the actual XML document. In the proposed work it produced the weakened document which takes into consideration the inference capabilities and according to this modifies their schemas and produces inference proof documents. DOI: 10.17762/ijritcc2321-8169.15077

    XBRL: The Views of Stakeholders
