Skip to Main Content
XML is rapidly emerging as a standard for data representation and exchange over the World Wide Web and an increasing amount of sensitive business data is processed in the XML format. Therefore, it is critical to have control mechanisms to restrict a user to access only the parts of XML documents that he/she is authorized to access. In this paper, we propose the first DTD-based access control model that employs graph matching to analyze if an input query is fully acceptable, fully rejectable, or partially acceptable, and to rewrite for partially acceptable queries only if necessary, along with the features of optimization and speed-up for query rewriting by introducing an index structure.
Date of Conference: 21-23 May 2007