Gesellschaft für Informatik e.V.

Lecture Notes in Informatics

Datenbanksysteme in Business, Technologie und Web, 11. Fachtagung des GIFachbereichs “Datenbanken und Informationssysteme” (DBIS), 2.-4. März 2005 Karlsruhe. GI 2005 P-65, 295-304 (2005).

GI, Gesellschaft für Informatik, Bonn


Gottfried Vossen, Frank Leymann, Peter Lockemann, Wolffried Stucky (eds.)

Copyright © GI, Gesellschaft für Informatik, Bonn


Adaptive XML access control based on query nesting, modification and simplification

Stefan Böttcher and Rita Steinmetz


Access control is an important aspect in guaranteeing data privacy within XML data sources which are accessed by users with different access rights. The goal of predicative access control for XML data sources is to use XPath expressions to describe that fragment of a given document or database that can be accessed by queries of a certain user. Our approach to access control hides the XML data source within an access control module which implements a combination of two secure query execution plans. The first query execution plan works on copied secure fragments, whereas the second query execution plan transforms a given query into another query that respects all the access rights. For each query the appropriate secure execution plan is determined depending on the query and the user's access rights.

Full Text: PDF

GI, Gesellschaft für Informatik, Bonn
ISBN 3-885794-6

Last changed 24.01.2012 21:50:12