We consider problems of access control for update of XML documents. In the
context of XML programming, types can be viewed as hedge automata, and static
type checking amounts to verify that a program always converts valid source
documents into also valid output documents. Given a set of update operations we
are particularly interested by checking safety properties such as preservation
of document types along any sequence of updates. We are also interested by the
related policy consistency problem, that is detecting whether a sequence of
authorized operations can simulate a forbidden one. We reduce these questions
to type checking problems, solved by computing variants of hedge automata
characterizing the set of ancestors and descendants of the initial document
type for the closure of parameterized rewrite rules

Jacquemard, Florent

Rusinowitch, Michael

English

arXiv

We consider problems of access control for update of XML documents. In the context of XML programming, types can be viewed as hedge automata, and static type checking amounts to verify that a program always converts valid source documents into also valid output documents. Given a set of update operations we are particularly interested by checking safety properties such as preservation of document types along any sequence of updates. We are also interested by the related policy consistency problem, that is detecting whether a sequence of authorized operations can simulate a forbidden one. We reduce these questions to type checking problems, solved by computing variants of hedge automata characterizing the set of ancestors and descendants of the initial document type for the closure of parameterized rewrite rules

HAL - Université de Franche-Comté

Rewrite based Verification of XML Updates

INRIA a CCSD electronic archive server

Florent Jacquemard

Michael Rusinowitch

CiteSeerX

Rewrite based verification of XML updates

International audienceWe propose a model for XML update primitives of the W3C XQuery Update Facility as parameterized rewriting rules of the form: "insert an unranked tree from a regular tree language L as the first child of a node labeled by a". For these rules, we give type inference algorithms, considering types defined by several classes of unranked tree automata. These type inference algorithms are directly applicable to XML static typechecking, which is the problem of verifying whether, a given document transformation always converts source documents of a given input type into documents of a given output type. We show that typechecking for arbitrary sequences of XML update primitives can be done in polynomial time when the unranked tree automaton defining the output type is deterministic and complete, and that it is EXPTIME-complete otherwise. We then apply the results to the verification of access control policies for XML updates. We propose in particular a polynomial time algorithm for the problem of local consistency of a policy, that is, for deciding the non-existence of a sequence of authorized update operations starting from a given document that simulates a forbidden update operation

Rewrite-Based Verification of XML Updates

We propose a model for XML update primitives of the W3C XQuery Update Facility as parameterized rewriting rules of the form: ”insert an unranked tree from a regular tree language L as the first child of a node labeled by a”. For these rules, we give type inference algorithms, considering types defined by several classes of unranked tree automata. These type inference algorithms are directly applicable to XML static typechecking, which is the problem of verifying whether, a given document transformation always converts source documents of a given input type into documents of a given output type. We show that typechecking for arbi-trary sequences of XML update primitives can be done in polynomial time when the unranked tree automaton defin-ing the output type is deterministic and complete, and that it is EXPTIME-complete otherwise. We then apply the results to the verification of access con-trol policies for XML updates. We propose in particular a polynomial time algorithm for the problem of local consis-tency of a policy, that is, for deciding the non-existence of a sequence of authorized update operations starting from a given document that simulates a forbidden update opera-tion

Rewrite-based verification of XML updates

http://www.avantssar.eu/pdf/publications/ppdp10.pdf

Rewrite based Verification of XML Updates

Abstract

Similar works

Full text

Available Versions

HAL - Université de Franche-Comté

INRIA a CCSD electronic archive server

CiteSeerX

HAL - Université de Franche-Comté

CiteSeerX