| EPSRC Reference: |
GR/T27433/01 |
| Title: |
A Security Model For XML |
| Principal Investigator: |
Fan, Professor W |
| Other Investigators: |
|
| Researcher Co-Investigators: |
|
| Project Partners: |
|
| Department: |
Sch of Informatics |
| Organisation: |
University of Edinburgh |
| Scheme: |
Standard Research (Pre-FEC) |
| Starts: |
01 July 2005 |
Ends: |
30 June 2008 |
Value (£): |
309,596
|
| EPSRC Research Topic Classifications: |
| Fundamentals of Computing |
Information & Knowledge Mgmt |
| Software Engineering |
|
|
| EPSRC Industrial Sector Classifications: |
|
| Related Grants: |
|
| Panel History: |
|
|
Summary on Grant Application Form |
|
In response to the increasing need for XML security, the proposed research is to develop the first security model for XML that supports flexible access-policy specifications, access and inference control, efficient enforcement techniques for access policies, and schema availability. The novelty of our model consists in the following:(a) access policies specified upon a document DTD or XML Schema (at the conceptual level) as opposed to annotating data elements in the database (at the physical level) by previous systems;(b) a notion of security views, which provide for each user group an XML view characterizing all and only the information that the users are authorised to access, and a view schema that the XML view conforms to in order to facilitate query formulation/optimisation;(c) algorithms for automatically deriving a security view from an access-control specification; and(d) algorithms for efficiently rewriting and optimizing XML queries over the views to equivalent queries over the original documents, such that the views do not need to be materialised. The proposed research is also to investigate fundamental issues in connection with XML security such as the expressive power/complexity of access specifications and reasoning techniques for security views. We expect to develop a clean security theory for XML as well as effective, efficient and practical tools.
|
|
Key Findings |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Potential use in non-academic contexts |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Impacts |
|
| Description |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk |
| Summary |
|
| Date Materialised |
|
|
|
|
Sectors submitted by the Researcher |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
| Project URL: |
|
| Further Information: |
|
| Organisation Website: |
http://www.ed.ac.uk |