| XML is rapidly emerging as the new standard for data representation andexchange on the Internet. It is increasingly common to find operational dataand other business information in XML format. In light of the sensitive natureof such business information, this also raises the important issue of securingXML content, and highlights the need for a generic, flexible access controlmechanism for XML documents that supports efficient and secure query access,without revealing sensitive information to unauthorized users. On theseconditions, this paper analyzes and compares the internal and externalresearches of XML's access control mechanism, and researches the problemfrom a new point of view.Firstly, this paper introduces the access specifications and security views.An access specification is an extension of a document DTD, associatingsecurity annotations which specify structure and content based accessibility ofthe corresponding elements. The security annotations are XPath qualifiers. Asecurity view is a mapping from document DTD with respect to accessspecification. The security view is exposed to users authorized by accessspecification so that they can formulate and pose their queries, while thesecurity annotations and original document DTD are invisible to users. Thispaper also analyzes security view derivation algorithm. The algorithm canautomatically computes a security view definition with respect to the accessspecification.Secondly, this paper improves the rewriting algorithm. Given the cost ofmaterializing and maintaining views, the algorithm can transform a query overthe security view to an equivalent query over the original document DTD. Italso takes into account non-recursive views and recursive views.Thirdly, this paper considers XPath query optimization. The optimizedquery is more efficiently, it will enforce on the document and lessen the timeand space cost.Finally, the empirical study verifying the feasibility and effectiveness ofapproach in this paper. |
PDF Full Text Request