Abstract
At present, most of the state-of-the-art solutions for XML access controls are either (1) document-level access control techniques that are too limited to support fine-grained security enforcement; (2) view-based approaches that are often expensive to create and maintain; or (3) impractical proposals that require substantial security-related support from underlying XML databases. In this paper, we take a different approach that assumes no security support from underlying XML databases and examine three alternative fine-grained XML access control solutions, namely primitive, pre-processing and post-processing approaches. In particular, we advocate a pre-processing method called QFilter that uses Non-deterministic Finite Automata (NFA) to rewrite user's query such that any parts violating access control rules are pruned. We show the construction and execution of a QFilter and demonstrate its superiority to other competing methods.
| Original language | English (US) |
|---|---|
| Title of host publication | CIKM 2004: Proceedings of the Thirteenth ACM Conference on Information and Knowledge Management |
| Editors | D.A. Evans, L. Gravano, O. Herzog, C. Zhai, M. Ronthaler |
| Pages | 543-552 |
| Number of pages | 10 |
| State | Published - 2004 |
| Event | CIKM 2004: Proceedings of the Thirteenth ACM Conference on Information and Knowledge Management - Washington, DC, United States Duration: Nov 8 2004 → Nov 13 2004 |
Other
| Other | CIKM 2004: Proceedings of the Thirteenth ACM Conference on Information and Knowledge Management |
|---|---|
| Country/Territory | United States |
| City | Washington, DC |
| Period | 11/8/04 → 11/13/04 |
All Science Journal Classification (ASJC) codes
- Business, Management and Accounting(all)