A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
Formal query languages for secure relational databases
ACM Transactions on Database Systems (TODS)
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
The string B-tree: a new data structure for string search in external memory and its applications
Journal of the ACM (JACM)
Minimal data upgrading to prevent inference and association attacks
PODS '99 Proceedings of the eighteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Controlled access and dissemination of XML documents
Proceedings of the 2nd international workshop on Web information and data management
ACM Transactions on Database Systems (TODS)
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
Design and implementation of an access control processor for XML documents
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
An Extended Authorization Model for Relational Databases
IEEE Transactions on Knowledge and Data Engineering
ICDE '96 Proceedings of the Twelfth International Conference on Data Engineering
A Model of Methods Access Authorization in Object-oriented Databases
VLDB '93 Proceedings of the 19th International Conference on Very Large Data Bases
Derived access control specification for XML
Proceedings of the 2003 ACM workshop on XML security
A compressed accessibility map for XML
ACM Transactions on Database Systems (TODS)
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
Integration and Efficient Lookup of Compressed XML Accessibility Maps
IEEE Transactions on Knowledge and Data Engineering
A function-based access control model for XML databases
Proceedings of the 14th ACM international conference on Information and knowledge management
Incremental adaptation of XPath access control views
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Automaton segmentation: a new approach to preserve privacy in xml information brokering
Proceedings of the 14th ACM conference on Computer and communications security
Secure XML publishing without information leakage in the presence of data inference
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
An integrated access control for securely querying and updating XML data
ADC '08 Proceedings of the nineteenth conference on Australasian database - Volume 75
Access control system to XML databases: a framework
IMSA '07 Proceedings of the Eleventh IASTED International Conference on Internet and Multimedia Systems and Applications
A rewrite based approach for enforcing access constraints for XML
KES'07/WIRN'07 Proceedings of the 11th international conference, KES 2007 and XVII Italian workshop on neural networks conference on Knowledge-based intelligent information and engineering systems: Part III
A unified conflict resolution algorithm
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
QFilter: rewriting insecure XML queries to secure ones using non-deterministic finite automata
The VLDB Journal — The International Journal on Very Large Data Bases
User-managed access control for health care systems
SDM'05 Proceedings of the Second VDLB international conference on Secure Data Management
Extracting global policies for efficient access control of XML documents
WISE'05 Proceedings of the 6th international conference on Web Information Systems Engineering
Authorization-Transparent access control for XML under the non-truman model
EDBT'06 Proceedings of the 10th international conference on Advances in Database Technology
XML access control with policy matching tree
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Hybrid authorizations and conflict resolution
SDM'06 Proceedings of the Third VLDB international conference on Secure Data Management
Secure XML querying based on authorization graphs
Information Systems Frontiers
Pragmatic XML access control using off-the-shelf RDBMS
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
HyXAC: a hybrid approach for XML access control
Proceedings of the 18th ACM symposium on Access control models and technologies
| Hi-index | 0.00 |
XML is widely regarded as a promising means for data representation integration, and exchange. As companies transact business over the Internet, the sensitive nature of the information mandates that access must be provided selectively, using sophisticated access control specifications. Using the specification directly to determine if a user has access to a specific XML data item can hence be extremely inefficient. The alternative of fully materializing, for each data item, the users authorized to access it can be space-inefficient. In this paper, we propose a space- and time-efficient solution to the access control problem for XML data. Our solution is based on a novel notion of a compressed accessibility map (CAM), which compactly identifies the XML data items to which a user has access, by exploiting structural locality of accessibility in tree-structured data. We present a CAM lookup algorithm for determining if a user has access to a data item; it takes time proportional to the product of the depth of the item in the XML data and logarithm of the CAM size.