Journal of Information Science and Engineering, Vol. 24 No. 6, pp. 1901-1916 (November 2008)

A Secure Query Language for XML Documents*

Tao-Ku Chang and Gwan-Hwan Hwang+
Department of Computer and Information Science
National Dong Hwa University
Hualien, 970 Taiwan
+Department of Computer Science and Information Engineering
National Taiwan Normal University
Taipei, 106 Taiwan

The standardized nature of XML documents provides a convenient way to exchange data between heterogeneous platforms across organizations via the Internet. The Internet is a public network, and traditionally there has been little protection against attacks and unauthorized access to sensitive information. Although the W3C proposed the XQuery language [3], which is designed to be broadly applicable across all types of XML data sources, this language does not provide a security mechanism in its query expressions. In this paper, we propose a new XML query language, called the secure XML Query (sXQuery) language. sXQuery is derived from XQuery and reinforced with a security mechanism: it combines the specification ability of the XQuery language with that of the document security language, which is designed to specify the scope and encryption details of XML [9, 11]. The user can specify the query and the corresponding encryption details at the same time, that is, in the same sXQuery document. We have designed an sXQuery editor which enables users to generate sXQuery documents without having to write sXQuery source code directly. We also present a scheme to implement an sXQuery engine using an existing XQuery engine.

Keywords: XML, security, database, XQuery, sXQuery, DSL

Received January 12, 2007; revised June 26, 2007; accepted August 8, 2007.
Communicated by Chin-Laung Lei.
* A preliminary result of this research was presented at the International Conference on Internet Computing, 2002, Las Vegas, Nevada, USA. This work was supported in part by the National Science Council of Taiwan, R.O.C. under grants No. 94-2213-E-003-006 and 95-2221-E-003-007.
+ Corresponding author.