Filtering XPath expressions for XML access control

Jae Myeong Jeon, Yon Dohn Chung, Myoung Ho Kim, Yoon Joon Lee

Research output: Contribution to journalArticle

9 Citations (Scopus)

Abstract

XPath is a standard for specifying parts of XML documents and a suitable language for both query processing and access control of XML. In this paper, we use the XPath expression for representing user queries and access control for XML. And we propose an access-control method for XML, where we control accesses to XML documents by filtering query XPath expressions through access-control XPath expressions. For filtering the access-denied parts out of query XPath expressions, set operations (such as, intersection and difference) between the XPath expressions are essential. However, it is known that the containment problem of two XPath expressions is coNP-hard when the XPath expressions contain predicates (or branch), wildcards and descendant axes. To solve the problem, we directly search XACT (XML Access Control Tree) for a query XPath expression and extract the access-granted parts. The XACT is our proposed structure, where the edges are structural summary of XML elements and the nodes contain access-control information. We show that the query XPath expressions are successfully filtered through the XACT by our proposed method, and also show the performance improvement by comparing the proposed method with the previous work.

Original languageEnglish
Pages (from-to)591-605
Number of pages15
JournalComputers and Security
Volume23
Issue number7
DOIs
Publication statusPublished - 2004 Oct

Keywords

  • Access control
  • Query processing
  • Security
  • XML
  • XPath

ASJC Scopus subject areas

  • Computer Science(all)
  • Law

Fingerprint Dive into the research topics of 'Filtering XPath expressions for XML access control'. Together they form a unique fingerprint.

  • Cite this