Skip to Main content Skip to Navigation
New interface
Reports (Research report)

Secure Querying of Recursive XML Views: A Standard XPath-based Technique

Houari Mahfoud 1 Abdessamad Imine 1 
1 CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : Most state-of-the art approaches for securing XML documents allow users to access data only through authorized views defined by annotating an XML grammar (e.g. DTD) with a collection of XPath expressions. To prevent improper disclosure of confidential information, user queries posed on these views need to be rewritten into equivalent queries on the underlying documents. This rewriting enables us to avoid the overhead of view materialization and maintenance. A major concern here is that query rewriting for recursive XML views is still an open problem. To overcome this problem, some works have been proposed to translate XPath queries into non-standard ones, called Regular XPath queries. However, query rewriting under Regular XPath can be of exponential size as it relies on automaton model. Most importantly, Regular XPath remains a theoretical achievement. Indeed, it is not commonly used in practice as translation and evaluation tools are not available. In this paper, we show that query rewriting is always possible for recursive XML views using only the expressive power of the standard XPath. We investigate the extension of the downward class of XPath, composed only by child and descendant axes, with some axes and operators and we propose a general approach to rewrite queries under recursive XML views. Unlike Regular XPath-based works, we provide a rewriting algorithm which processes the query only over the annotated DTD grammar and which can run in linear time in the size of the query. An experimental evaluation demonstrates that our algorithm is efficient and scales well.
Complete list of metadata

Cited literature [18 references]  Display  Hide  Download
Contributor : Houari Mahfoud Connect in order to contact the contributor
Submitted on : Monday, December 12, 2011 - 4:34:07 PM
Last modification on : Wednesday, October 26, 2022 - 8:16:00 AM
Long-term archiving on: : Friday, November 16, 2012 - 3:15:37 PM


Files produced by the author(s)


  • HAL Id : hal-00650958, version 1
  • ARXIV : 1112.2605


Houari Mahfoud, Abdessamad Imine. Secure Querying of Recursive XML Views: A Standard XPath-based Technique. [Research Report] RR-7834, INRIA. 2011, pp.30. ⟨hal-00650958⟩



Record views


Files downloads