A Logical Formalization of a Secure XML Database
This work addresses security in XML databases for users and administrators, but it appears incremental as it builds on existing logical formalization methods.
The authors tackled the problem of securing XML databases by defining a logical theory that incorporates XPath queries and XUpdate modifications, and extended it with security policies for read and write privileges, resulting in axioms to derive user-permitted views and updated database content.
In this paper, we first define a logical theory representing an XML database supporting XPath as query language and XUpdate as modification language. We then extend our theory with predicates allowing us to specify the security policy protecting the database. The security policy includes rules addressing the read and write privileges. We propose axioms to derive the database view each user is permitted to see. We also propose axioms to derive the new database content after an update.