Nowadays, increasing needs for information sharing arise due to extensive collaborations among organizations. Organizations desire to provide data access to their collaborators while preserving full control over the data and comprehensive privacy of their users. A number of information systems have been developed to provide efficient and secure information sharing. However, most of the solutions proposed so far are built atop of conventional data warehousing or distributed database technologies. Recently, information brokering systems have been proposed to provide privacy-preserving information sharing among loosely federated data sources. However, they are still vulnerable to attribute-correlation attacks during query routing, due to the lack of protection of the routed queries. In this paper, we investigate the problems caused by such an attack, and propose a countermeasure by limiting the view of query content at each intermediate broker.We show that the proposed content-basedXPath query routing scheme with level-based encryption and commutative encryption can effectively prevent an attribute-correlation attack originated by ompromised brokers, with reasonable overhead.