An Effective Query Rewriting Method in Secure XML Access Control
2006, 11(5), pp.127-138
Publisher : The Korean Society Of Computer And Information
Research Area : Computer Science
-
We propose two phase filtering scheme to develop an efficient mechanism for XML databases to control query-based access. An access control environment for XML documents and some techniques to deal with fine-grained authorization priorities and conflict resolution issues are proposed. Despite this, relatively little work has been done to enforce access controls particularly for XML databases in the case of query-based access. The basic idea utilized is that a user query interaction with only necessary access control rules is modified to an alternative form through a query optimization technique, which is guaranteed to have no access violations using tree-aware metadata of XML schemas. The scheme can be applied to any XML database management system and has several advantages such as small execution time overhead, fine-grained controls, and safe and correct query modification. The experimental results clearly demonstrate the efficiency of the approach.
-
[journal] / 2004. / Extensible Markup Language (XML) 1.0
[journal] / 2005. / XPath 2.0, World Wide Web Consortium (W3C)
[journal] / W. Kim and D. Woelk.A Model of Authorization for Next- Generation Database Systems. ACM Transaction on Database Systems 126 : 88~131
[journal] / March,2000 / Securing xml document / on Extending Database Technology (EDBT2000) Konstan : 121~135
[journal] / 2000 / XML Access Control Systems: A Component-Based Approach
[journal] / 2000. / Design and Implementation of Access Control Processor for XML Documents
[journal] / May2002 / A Fine-grained Access Control System for XML Documents 5(2)
[journal] / 2000. / Specifying and Enforcing Access Control Policies for XML Document Sources / Baltzer Science Publishers 3(3)
[journal] / 2001.May.June / and E. Ferrai. Securing XML documents with Author-x. : 21~31
[journal] / 2002 / Secure and Selective Dissemination of XML Documents 5(3) : 237~260
[journal] / 2002.8. / Author-X: A Java-Based System for XML Data Protection
[journal] / 2001. / Regulating Access to XML Documents
[journal] / 2002. / Secure XML Views
[journal] / June2002 / Accelerating XPath Location Steps : 109~120
[journal] / September2003 / Staircase Join: Teach a Relational DBMS to Watch its Axis Steps
[journal] / 2003. / XML Access Control using Static Analysis
[journal] / 2004. / Filtering XPath expressions for XML access control : 591~605
[journal] / November8,2004 / Qfilter: Fine-grained Run-Time XML Access Control via NFA-based Query Rewriting
[journal] / 2005. / Klinginsmith. Access Control for XML- A Dynamic Query Rewriting Approach
[journal] / April2001 / The XML Benchmark Project
-
116 Viewed
Print this page
Download PDF