Integration and efficient lookup of compressed XML accessibility maps

XML is emerging as a useful platform-independent data representation language. As more and more XML data is shared across data sources, it becomes important to consider the issue of XML access control. One promising approach to store the accessibility information is based on the CAM (compressed accessibility map). We make two advancements in this direction: 1) Previous work suggests that for each user group and each operation type, a different CAM is built. We observe that the performance and storage requirements can be further improved by combining multiple CAMs into an ICAM (integrated CAM). We explore this possibility and propose an integration mechanism. 2) If the change in structure of the XML data is not frequent, we suggest an efficient lookup method, which can be applied to CAMs or ICAMs, with a much lower time complexity compared to the previous approach. We show by experiments the effectiveness of our approach.

[1]  Maarten Marx,et al.  Specifying access control policies for XML documents with XPath , 2004, SACMAT '04.

[2]  Laks V. S. Lakshmanan,et al.  Compressed Accessibility Map: Efficient Access Control for XML , 2002, VLDB.

[3]  Wenfei Fan,et al.  Secure XML querying with security views , 2004, SIGMOD '04.

[4]  Ada Wai-Chee Fu,et al.  Efficient Accessibility Lookup for XML , 2003, Applied Informatics.

[5]  Sabrina De Capitani di Vimercati,et al.  A fine-grained access control system for XML documents , 2002, TSEC.

[6]  Quanzhong Li,et al.  Indexing and Querying XML Data for Regular Path Expressions , 2001, VLDB.

[7]  Elisa Bertino,et al.  Secure and selective dissemination of XML documents , 2002, TSEC.

[8]  Elisa Bertino,et al.  Controlled access and dissemination of XML documents , 1999, WIDM '99.

[9]  Ronald Fagin,et al.  On an authorization mechanism , 1978, TODS.

[10]  Elisa Bertino,et al.  A model of authorization for next-generation database systems , 1991, TODS.

[11]  Michiharu Kudo,et al.  XML document security based on provisional authorization , 2000, CCS.

[12]  FuAda Wai-Chee,et al.  Integration and Efficient Lookup of Compressed XML Accessibility Maps , 2005 .

[13]  Elisa Bertino,et al.  An Extended Authorization Model for Relational Databases , 1997, IEEE Trans. Knowl. Data Eng..

[14]  Ernesto Damiani,et al.  Securing XML Documents , 2000, EDBT.

[15]  Ronald E. Prather,et al.  Discrete mathematical structures for computer science , 1976 .

[16]  Won Kim,et al.  A Model of Authorization for Object-Oriented and Semantic Databases , 1988, EDBT.

[17]  Clifford Stein,et al.  Introduction to Algorithms, 2nd edition. , 2001 .

[18]  Bradford W. Wade,et al.  An authorization mechanism for a relational database system , 1976, TODS.

[19]  Marianne Winslett,et al.  Formal query languages for secure relational databases , 1994, TODS.

[20]  Ehud Gudes,et al.  A Model of Methods Access Authorization in Object-oriented Databases , 1993, VLDB.

[21]  Makoto Murata,et al.  XML access control using static analysis , 2006, TSEC.