A General Approach for Securely Updating XML Data

International audience; Over the past years several works have proposed access con- trol models for XML data where only read-access rights over non-recursive DTDs are considered. A small number of works have studied the access rights for updates. In this paper, we present a general model for specifying access con- trol on XML data in the presence of the update operations of W3C XQuery Update Facility. Our approach for enforc- ing such update specification is based on the notion of query rewriting. A major issue is that query rewriting for recursive DTDs is still an open problem. We show that this limitation can be avoided using only the expressive power of the stan- dard XPath, and we propose a linear algorithm to rewrite each update operation defined over an arbitrary DTD (re- cursive or not) into a safe one in order to be evaluated only over the XML data which can be updated by the user. This paper represents the first effort for securely XML updating in the presence of arbitrary DTDs (recursive or not) and a rich fragment of XPath.