xml security views
play

XML Security Views Queries, Updates, and Schema Beno t Groz - PowerPoint PPT Presentation

XML Security Views Queries, Updates, and Schema Beno t Groz University of Lille, Mostrare INRIA PhD defense, October 2012 Beno t Groz (Mostrare) XML Security Views PhD defense, October 2012 1 / 45 Talk Outline Context 1


  1. XML Security Views Queries, Updates, and Schema Benoˆ ıt Groz University of Lille, Mostrare INRIA PhD defense, October 2012 Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 1 / 45

  2. Talk Outline Context 1 Motivations XML framework Problems presented Modelization 2 Alignments VPAs Determinacy and Query rewriting 3 Definition, hardness results A restriction: interval bounded-queries Our results View update 4 Deterministic schema 5 Glushkov relations and determinism Problem statement Algorithm to decide determinism Summary Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 2 / 45

  3. Outline Context 1 Motivations XML framework Problems presented Modelization 2 3 Determinacy and Query rewriting 4 View update 5 Deterministic schema Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 3 / 45

  4. Context: Protecting data March 2011: an attack retrieved huge mailing lists from Epsilon, a leading online marketing company. April 2011: Sony’s PlayStation network : 100 million customer accounts compromised including street numbers, email, and passwords. June 2011: CitiBank communicated a breach into 1% of its credit card accounts (200.000 customers). March 2012: 1.500.000 card numbers compromised as a result of unauthorized access into GlobalPayment processing system. Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 4 / 45

  5. Context: XML constellation Purpose: large-scale electronic publishing usability over the Internet compatibility with SGML facilitating automatic processing of the documents Features: document model: a document = a tree Languages to manipulate the document: Query and Transformation languages: XPath, XQuery, XQUF, XSLT Schema languages: DTD, RelaxNG, XML Schema, Schematron Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 5 / 45

  6. Our project The Source side: The View side: the hidden part what the user sees Definition of view V Access Schema View schema specification View document XML document t t ′ = V iew ( V , t ) ? Query Q 1 over Query Q real document over the view Source update u s View update u v Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 6 / 45

  7. Our project Project: Develop techniques for XML security views. Originally: techniques to reason about XML security views. ... but the problem addressed are general database problems: can find application in any system using views, and more... Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 7 / 45

  8. XML document XMLDocument Tree representation bib <bib> <book> paper <author> Abiteboul </author> book book . . . . . . <author> Vianu </author> <title> Foundations. . . </title> author author title </book> <book> Abiteboul Vianu Foundations. . . . . . </book> <paper> . . . </paper> </bib> labeled ordered unranked trees Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 8 / 45

  9. XML document XMLDocument Tree representation bib <bib> <book> paper <author> Abiteboul </author> book book . . . . . . <author> Vianu </author> <title> Foundations. . . </title> author author title </book> <book> Abiteboul Vianu Foundations. . . . . . </book> <paper> . . . </paper> </bib> labeled ordered unranked trees Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 8 / 45

  10. XML document XMLDocument Tree representation bib <bib> <book> paper <author> Abiteboul </author> book book . . . . . . <author> Vianu </author> <title> Foundations. . . </title> author author title </book> <book> Abiteboul Vianu Foundations. . . . . . </book> <paper> . . . </paper> </bib> labeled ordered unranked trees Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 8 / 45

  11. XML document XMLDocument Tree representation bib <bib> <book> paper <author> Abiteboul </author> book book . . . . . . <author> Vianu </author> <title> Foundations. . . </title> author author title </book> <book> Abiteboul Vianu Foundations. . . . . . </book> <paper> . . . </paper> </bib> labeled ordered unranked trees Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 8 / 45

  12. DTD DTD D tree t satisfying D bib bib → ( book + paper ) ∗ paper book → author ∗ , title book book . . . . . . author → # PCDATA title → # PCDATA author author title Abiteboul Vianu Foundations. . . Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 9 / 45

  13. XPath Definition Query: function t �→ Q ( t ) ⊆ Nodes ( t ) Several XPath languages: XPath 1.0, XPath 2.0, XPath 3.0 ... Researchers very often focus on the navigational core. Core XPath 1.0 ⊂ Conditional XPath ⊂ Regular XPath [Marx EDBT’04] . Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 10 / 45

  14. XPath House of Windsor king K queen king N N king king duke king duke K K queen queen king king king queen king Q Regular XPath: path expressions with transitive closure and filters N ⇓ ∗ :: duke K ( ⇓ :: king / ⇓ :: queen ) ∗ Q ( ⇓ :: king / ⇓ :: queen ) ∗ / self::[ ⇒ :: king / ⇒ :: king ] Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 11 / 45

  15. XPath House of Windsor king K queen king N N king king duke king duke K K queen queen king king king queen king Q Regular XPath: path expressions with transitive closure and filters N ⇓ ∗ :: duke K ( ⇓ :: king / ⇓ :: queen ) ∗ Q ( ⇓ :: king / ⇓ :: queen ) ∗ / self::[ ⇒ :: king / ⇒ :: king ] Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 11 / 45

  16. XPath House of Windsor king K queen king N N king king duke king duke K K queen queen king king king queen king Q Regular XPath: path expressions with transitive closure and filters N ⇓ ∗ :: duke K ( ⇓ :: king / ⇓ :: queen ) ∗ Q ( ⇓ :: king / ⇓ :: queen ) ∗ / self::[ ⇒ :: king / ⇒ :: king ] Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 11 / 45

  17. XQUF Update language based on XQuery (thereby on XPath) for $ x in ⇓ ∗ :: duke return delete node $ x , insert node <other>...</other> before $ x king king queen queen king king king king other queen king other duke queen king duke . . . . . . Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 12 / 45

  18. (Security) views Security views are simple views defined in [Fan et al.’04 and ’07]. Operations: hide or rename nodes. Example Storing successive versions of papers, hiding old versions DTD D 0 : docs → paper ∗ paper → name , version version → number , files , prev prev → version | ε Q 0 = ⇓ :: paper / (self ∪ ⇓ :: name ∪ ⇓ :: version / ⇓ :: files ) Here, security view = pair ( D 0 , Q 0 ) Nodes selected by Q 0 (plus root) are visible, others are hidden. Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 13 / 45

  19. (Security) views What happens when the parent of a visible node n is hidden? Two approaches: forbid this (upward-closed queries) = ⇒ makes things simpler or n gets adopted by its closest visible ancestor = ⇒ more expressive � � docs docs � � paper paper � � � name files name version � number files prev version files number V iew ( Q 0 , t ) A document t � D 0 Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 14 / 45

  20. (Security) views What happens when the parent of a visible node n is hidden? Two approaches: forbid this (upward-closed queries) = ⇒ makes things simpler or n gets adopted by its closest visible ancestor = ⇒ more expressive � � docs docs � � paper paper � � � name files name version � number files prev version files number V iew ( Q 0 , t ) A document t � D 0 Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 14 / 45

  21. 3 selected pieces PB 1 (Queries): Determinacy and Query rewriting PB 2 (Updates): The view update problem PB 3 (Schema): check if a schema is “correct” w.r.t. W3C specifications Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 15 / 45

  22. Outline 1 Context Modelization 2 Alignments VPAs Determinacy and Query rewriting 3 View update 4 Deterministic schema 5 Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 16 / 45

  23. Queries, Views, and Updates as Alignment languages Representing a query with alignments Q 0 = ⇓ :: paper / (self ∪ ⇓ :: name ∪ ⇓ :: version / ⇓ :: files ) ( docs , docs ) ( paper , paperle ) ( name , name ) ( version , ε ) ( number , ε ) ( files , files ) ( prev , ε ) ( version , ε ) ( files , ε ) ( number , ε ) One alignment in Q 0 Queries only select: alphabet= { ( a , β ) | a ∈ Σ , β = a or β = ε } Views select or rename: alphabet= { ( a , β ) | a ∈ Σ , β ∈ Σ ∪ { ε }} Benoˆ ıt Groz (Mostrare) XML Security Views PhD defense, October 2012 17 / 45

Recommend


More recommend