讲座题目:Secure XML Querying with Security Views
讲座时间:2005年10月12日晚8:00
讲座地点:曹光标西楼201
欢迎广大同学和教师参加。
特别说明:讲座列入学院研究生“读书报告”计划,请广大研究生积极参与。
内容简介:
The prevalent use of XML highlights the important issue of ensuring the selective exposure of XML content to different user groups based on their access privileges. The problem of securing XML querying is to ensure that, given a user query Q over an XML database T, the evaluation of Q returns only information in T that the user is allowed to access. This calls for 1) an expressive language for specifying access policies for multiple user groups at various levels of granularity; 2) efficient techniques to enforce access policies during XML query evaluation; and 3) the ability to derive and provide a view schema for each group of users, characterizing their accessible data in order to facilitate query formulation and optimization. Previous proposals and standards for XML security are to specify and enforce access policies at a physical level by either annotating data nodes or materializing XML views. This is costly for large XML databases, and worse still, is error-prone when the underlying data or access policies are updated. Furthermore, none of these models supports schema availability.
In this talk, I shall present a security model that both specifies and enforces XML access control at a conceptual (schema) level. The novelty of the model consists in 1) a language to specify access policies upon a document DTD, 2) a notion of security views characterizing all and only the information that the users are authorized to access, along with view DTDs that the views are guaranteed to conform to; 3) algorithms for automatically deriving a security-view definition from a access-control specification; and (4) algorithms for efficiently rewriting and optimizing XML queries over security views to equivalent queries over the original database, such that the views do not need to be materialized. These yield an effective approach to supporting access control and schema availability for XML data.
主讲人:
Wenfei Fan(School of Informatics, University of Edinburgh, Internet Management Research Dept, Bell Labs)
http://homepages.inf.ed.ac.uk/wenfei/
Dr. Wenfei Fan, Reader in the University of Edinburgh. Prior to his move to Edinburgh, he worked as a principal investigator at Bell Laboratories and as a tenured associate professor at Temple University. He is also an adjunct professor at the University of Pennsylvania and Drexel University. Dr. Fan was the recipient of a Career Award, the National Science Foundation's highest honor for young faculty. Dr. Fan has been working on XML and Web databases. His work has consistently ranked at the top of all major database theory and system conferences (SIGMOD, PODS, VLDB, ICDT) and has been invited to the leading computer science journals including JACM, JCSS, TOCL, TCS. He has served on the programme committees for the most prestigious database conferences: ACM SIGMOD, PODS, VLDB and ICDT.
Peter Buneman(University of Edinburgh and Digital Curation Centre)
http://www.cis.upenn.edu/~peter/
Peter Buneman is Professor of Database Systems in the School of Informatics at the University of Edinburgh. His work in computer science has focused mainly on databases and programming languages, specifically: active databases, database semantics, approximate information, query languages, types for databases, data integration, bioinformatics and semistructured data - an area in which he has co-authored a book. He has recently worked on issues associated with scientific databases such as data provenance, archiving and annotation. He has served on numerous programme committees, editorial boards and working groups, and has been programme chair for ACM SIGMOD, ACM PODS and ICDT. He is a fellow of the Royal Society of Edinburgh, a fellow of the ACM and the recipient of a Royal Society Wolfson Merit Award. He is research director of the UK Digital Curation Centre. Before joining the University of Edinburgh, Peter Buneman was a Professor at the Department of Computer and Information Science at the University of Pennsylvania. He received his undergraduate degree from Cambridge University, his graduate degree from the University of Warwick, and he did postdoctoral work at the University of Edinburgh. He has held visiting positions at the University of Glasgow, Imperial College, Kyoto University and INRIA. In addition to computer science, he has made contributions to graph theory and to the mathematics of phylogeny.
Jeffery Xu Yu
http://www.se.cuhk.edu.hk/people/yu.html
Jeffrey Xu Yu received his B.E., M.E. and Ph.D. in computer science, from the University of Tsukuba, Japan, in 1985, 1987 and 1990, respectively. Jeffrey Xu Yu was a research fellow (Apr. 1990 --Mar. 1991) and was a faculty member (Apr. 1991 -- July 1992) in the Institute of Information Sciences and Electronics, University of Tsukuba. From July 1992 to June 2000, he was a Lecturer in the Department of Computer Science, The Australian National University. Currently, he is an Associate Professor in the Department of Systems Engineering and Engineering Management, the Chinese University of Hong Kong. Jeffrey Xu Yu is a member of ACM, and a member of IEEE Computer Society.
讲座时间:2005年10月12日晚8:00
讲座地点:曹光标西楼201
欢迎广大同学和教师参加。
特别说明:讲座列入学院研究生“读书报告”计划,请广大研究生积极参与。
内容简介:
The prevalent use of XML highlights the important issue of ensuring the selective exposure of XML content to different user groups based on their access privileges. The problem of securing XML querying is to ensure that, given a user query Q over an XML database T, the evaluation of Q returns only information in T that the user is allowed to access. This calls for 1) an expressive language for specifying access policies for multiple user groups at various levels of granularity; 2) efficient techniques to enforce access policies during XML query evaluation; and 3) the ability to derive and provide a view schema for each group of users, characterizing their accessible data in order to facilitate query formulation and optimization. Previous proposals and standards for XML security are to specify and enforce access policies at a physical level by either annotating data nodes or materializing XML views. This is costly for large XML databases, and worse still, is error-prone when the underlying data or access policies are updated. Furthermore, none of these models supports schema availability.
In this talk, I shall present a security model that both specifies and enforces XML access control at a conceptual (schema) level. The novelty of the model consists in 1) a language to specify access policies upon a document DTD, 2) a notion of security views characterizing all and only the information that the users are authorized to access, along with view DTDs that the views are guaranteed to conform to; 3) algorithms for automatically deriving a security-view definition from a access-control specification; and (4) algorithms for efficiently rewriting and optimizing XML queries over security views to equivalent queries over the original database, such that the views do not need to be materialized. These yield an effective approach to supporting access control and schema availability for XML data.
主讲人:
Wenfei Fan(School of Informatics, University of Edinburgh, Internet Management Research Dept, Bell Labs)
http://homepages.inf.ed.ac.uk/wenfei/
Dr. Wenfei Fan, Reader in the University of Edinburgh. Prior to his move to Edinburgh, he worked as a principal investigator at Bell Laboratories and as a tenured associate professor at Temple University. He is also an adjunct professor at the University of Pennsylvania and Drexel University. Dr. Fan was the recipient of a Career Award, the National Science Foundation's highest honor for young faculty. Dr. Fan has been working on XML and Web databases. His work has consistently ranked at the top of all major database theory and system conferences (SIGMOD, PODS, VLDB, ICDT) and has been invited to the leading computer science journals including JACM, JCSS, TOCL, TCS. He has served on the programme committees for the most prestigious database conferences: ACM SIGMOD, PODS, VLDB and ICDT.
Peter Buneman(University of Edinburgh and Digital Curation Centre)
http://www.cis.upenn.edu/~peter/
Peter Buneman is Professor of Database Systems in the School of Informatics at the University of Edinburgh. His work in computer science has focused mainly on databases and programming languages, specifically: active databases, database semantics, approximate information, query languages, types for databases, data integration, bioinformatics and semistructured data - an area in which he has co-authored a book. He has recently worked on issues associated with scientific databases such as data provenance, archiving and annotation. He has served on numerous programme committees, editorial boards and working groups, and has been programme chair for ACM SIGMOD, ACM PODS and ICDT. He is a fellow of the Royal Society of Edinburgh, a fellow of the ACM and the recipient of a Royal Society Wolfson Merit Award. He is research director of the UK Digital Curation Centre. Before joining the University of Edinburgh, Peter Buneman was a Professor at the Department of Computer and Information Science at the University of Pennsylvania. He received his undergraduate degree from Cambridge University, his graduate degree from the University of Warwick, and he did postdoctoral work at the University of Edinburgh. He has held visiting positions at the University of Glasgow, Imperial College, Kyoto University and INRIA. In addition to computer science, he has made contributions to graph theory and to the mathematics of phylogeny.
Jeffery Xu Yu
http://www.se.cuhk.edu.hk/people/yu.html
Jeffrey Xu Yu received his B.E., M.E. and Ph.D. in computer science, from the University of Tsukuba, Japan, in 1985, 1987 and 1990, respectively. Jeffrey Xu Yu was a research fellow (Apr. 1990 --Mar. 1991) and was a faculty member (Apr. 1991 -- July 1992) in the Institute of Information Sciences and Electronics, University of Tsukuba. From July 1992 to June 2000, he was a Lecturer in the Department of Computer Science, The Australian National University. Currently, he is an Associate Professor in the Department of Systems Engineering and Engineering Management, the Chinese University of Hong Kong. Jeffrey Xu Yu is a member of ACM, and a member of IEEE Computer Society.
