Many existing access controls use node filtering or
querying rewriting techniques. These techniques require
rather time-consuming processes such as parsing,
labeling, pruning and/or rewriting queries into
safe ones each time a user requests a query or takes
an action. In this paper, we propose a fine-grained access
control model, named SecureX, which supports
read and write privileges. With our novel access control
concept, various access types are introduced, including
those for determining if a user has the right
to change XML structure. Furthermore, SecureX can
be integrated well with a dynamic labeling scheme
to eliminate repetitive labeling and pruning processes
when determining a user view. This brings about advantages
of speeding up searching and querying processes.
When comparing to a traditional node filtering
technique, our integrated access control model
takes less processing steps. Experiments have shown
effectiveness of our approach. |
| Cite as: Duong, M. and Zhang, Y. (2008). An Integrated Access Control for Securely Querying and Updating XML Data. In Proc. Nineteenth Australasian Database Conference (ADC 2008), Wollongong, NSW, Australia. CRPIT, 75. Fekete, A. and Lin, X., Eds. ACS. 75-83. |
 (from crpit.com)
(local if available)
|