Static analysis of XML security views and query rewriting

Abstract

In this paper, we revisit the view based security framework for XML without imposing any of the previously considered restrictions on the class of queries, the class of DTDs, and the type of annotations used to define the view. First, we study query rewriting with views when the classes used to define queries and views are Regular XPath and MSO. Next, we investigate problems of static analysis of security access specifications (SAS): we introduce the novel class of interval-bounded SAS and we define three different manners to compare views (i.e. queries) from a security point of view. We provide a systematic study of the complexity for deciding these three comparisons, when the depth of the XML documents is bounded, when the document may have an arbitrary depth but the queries defining the views are restricted to guarantee the interval-bounded property, and in the general setting without restriction on queries and document