A secure query language for XML documents

Tao Ku Chang, Gwan-Hwan Hwang

Research output: Contribution to journalArticle

Abstract

The intrinsic standardized property of an XML document provides a convenient way to carry out data exchanges between heterogeneous platforms among organizations via the Internet. The Internet is a public network, and traditionally there has been little protection against unauthorized access to sensitive information, and attacks. Although the W3C proposed the XQuery language [3], which is designed to be broadly applicable across all types of XML data sources, this language does not provide a security mechanism in its query expressions. In this paper, we propose a new XML query language, called the secure XML Query (sXQuery) language. sXQuery is derived from XQuery, and reinforced with a security mechanism; sXQuery combines the specification ability of both the XQuery language and the document security language which is designed to specify the scope and encryption details of XML [9, 11]. The user can specify the query and corresponding encryption details at the same time, that is, in the same sXQuery document. We have designed an sXQuery editor which enables users to generate sXQuery documents without having to write sXQuery source codes directly. Also, we present a scheme to implement an sXQuery engine by using the existing XQuery engine.

Original languageEnglish
Pages (from-to)1901-1916
Number of pages16
JournalJournal of Information Science and Engineering
Volume24
Issue number6
Publication statusPublished - 2008 Nov 1

Keywords

  • DSL
  • Database
  • SXQuery
  • Security
  • XML
  • XQuery

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Hardware and Architecture
  • Library and Information Sciences
  • Computational Theory and Mathematics

Fingerprint Dive into the research topics of 'A secure query language for XML documents'. Together they form a unique fingerprint.

  • Cite this