Towards translating authorizations for transformed XML documents

Web based services and applications have increased the availability and accessibility of information. XML has recently emerged as an important standard in the area of information representation. XML documents can represent information at different levels of sensitivity. However, XML access control models proposed in the literature enforce access restrictions directly on the structure and content of an XML document. Therefore the authorizations, which specify access rights of users on information within an XML document, must be revised whenever the structure of the XML document is changed. We present two approaches that translate the authorizations for the transformed XML document. The first approach translates instance-level authorizations by using instance-level mapping between instance nodes of source document and those of transformed document. The second approach translates schema-level authorizations by using schema mapping between schema elements of the source schema and those of the target XML schema.