A fine-grained access control system for XML documents
ACM Transactions on Information and System Security (TISSEC)
Accelerating XPath location steps
Proceedings of the 2002 ACM SIGMOD international conference on Management of data
Securing XML Documents with Author-X
IEEE Internet Computing
Regulating access to XML documents
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
The XML benchmark project
XML access control using static analysis
Proceedings of the 10th ACM conference on Computer and communications security
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
Staircase join: teach a relational DBMS to watch its (axis) steps
VLDB '03 Proceedings of the 29th international conference on Very large data bases - Volume 29
A general approach to securely querying XML
Computer Standards & Interfaces
Secure XML querying based on authorization graphs
Information Systems Frontiers
| Hi-index | 0.00 |
This work is a proposal for an efficient yet secure XML access control enforcement which has been specifically designed to support fine-grained security policy. Based on metadata in the DTD, we propose the SQ-Filter which is a pre-processing method that checks on necessary access control rules, and rewrites a user's query by extending/eliminating query tree nodes, and by injecting operators that combine a set of nodes from the user's query point of view. The scheme has several advantages over other suggested schemes. These include small execution time overhead, and safe and correct query modification. The experimental results clearly demonstrate the efficiency of the approach.