Adaptive XML access control based on query nesting, modification and simplification
Access control is an important aspect in guaranteeing data privacy within XML data sources which are accessed by users with different access rights. The goal of predicative access control for XML data sources is to use XPath expressions to describe that fragment of a given document or database that can be accessed by queries of a certain user. Our approach to access control hides the XML data source within an access control module which implements a combination of two secure query execution plans. The first query execution plan works on copied secure fragments, whereas the second query execution plan transforms a given query into another query that respects all the access rights. For each query the appropriate secure execution plan is determined depending on the query and the user's access rights.
Full Text: PDF