IEEE Transactions on Software Engineering
A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
Toward a multilevel secure relational data model
SIGMOD '91 Proceedings of the 1991 ACM SIGMOD international conference on Management of data
Formal query languages for secure relational databases
ACM Transactions on Database Systems (TODS)
Role-Based Access Control Models
Computer
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
The string B-tree: a new data structure for string search in external memory and its applications
Journal of the ACM (JACM)
Controlled access and dissemination of XML documents
Proceedings of the 2nd international workshop on Web information and data management
ACM Transactions on Database Systems (TODS)
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
On effective multi-dimensional indexing for strings
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
XML document security based on provisional authorization
Proceedings of the 7th ACM conference on Computer and communications security
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
Securing XML Documents with Author-X
IEEE Internet Computing
Lattice-Based Access Control Models
Computer
An Extended Authorization Model for Relational Databases
IEEE Transactions on Knowledge and Data Engineering
ICDE '96 Proceedings of the Twelfth International Conference on Data Engineering
A Model of Methods Access Authorization in Object-oriented Databases
VLDB '93 Proceedings of the 19th International Conference on Very Large Data Bases
Author-X: A Java-Based System for XML Data Protection
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
The Cost Model for XML Documents in Relational Database Systems
AICCSA '01 Proceedings of the ACS/IEEE International Conference on Computer Systems and Applications
Compressed accessibility map: efficient access control for XML
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Optimizing the secure evaluation of twig queries
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
AC-XML documents: improving the performance of a web access control module
Proceedings of the tenth ACM symposium on Access control models and technologies
Meta-data indexing for XPath location steps
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Compact access control labeling for efficient secure XML query evaluation
Data & Knowledge Engineering
The dynamic predicate: integrating access control with query processing in XML databases
The VLDB Journal — The International Journal on Very Large Data Bases
Controlling Access to XML Documents over XML Native and Relational Databases
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Query rewriting algorithm evaluation for XML security views
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Extracting global policies for efficient access control of XML documents
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
Consistency and repair for XML write-access control policies
The VLDB Journal — The International Journal on Very Large Data Bases
XML privacy protection model based on cloud storage
Computer Standards & Interfaces
| Hi-index | 0.00 |
XML is the undisputed standard for data representation and exchange. As companies transact business over the Internet, letting authorized customers directly access, and even modify, XML data offers many advantages in terms of cost, accuracy, and timeliness. Given the complex business relationships between companies, and the sensitive nature of information, access must be provided selectively, using sophisticated access control specifications. Using the specification directly to determine if a user has access to an XML data item can be extremely inefficient. The alternative of fully materializing, for each data item, the users authorized to access it can be space-inefficient. In this article, we introduce a compressed accessibility map (CAM) as a space- and time-efficient solution to the access control problem for XML data. A CAM compactly identifies the XML data items to which a user has access, by exploiting structural locality of accessibility in tree-structured data. We present a CAM lookup algorithm for determining if a user has access to a data item that takes time proportional to the product of the depth of the item in the XML data and logarithm of the CAM size. We develop an algorithm for building an optimal size CAM that takes time linear in the size of the XML data set. While optimality cannot be preserved incrementally under data item updates, we provide an algorithm for incrementally maintaining near-optimality. Finally, we experimentally demonstrate the effectiveness of the CAM for multiple users on a variety of real and synthetic data sets.