A flexible framework for architecting XML access control enforcement mechanisms

Research output: Contribution to journalArticlepeer-review

6 Scopus citations


Due to the growing interest in XML security, various access control schemes have been proposed recently. However, little effort has been put forth to facilitate a uniform analysis and comparison of these schemes under the same framework. This paper presents a first attempt toward a flexible framework that can capture the design principles and operations of existing XML access control mechanisms. Under this framework, we observe that most existing XML access control mechanisms share the same design principle with slightly different orderings of underlying building blocks (i.e., data, query, and access control rule). Furthermore, according to the framework, we identify four plausible approaches to implement XML access controls, namely built-in, view-based, pre-processing and post-processing. Finally, we compare the actual performance of different approaches.

Original languageEnglish (US)
Pages (from-to)133-147
Number of pages15
JournalLecture Notes in Computer Science
StatePublished - 2004

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • General Computer Science


Dive into the research topics of 'A flexible framework for architecting XML access control enforcement mechanisms'. Together they form a unique fingerprint.

Cite this