QFilter: Fine-grained run-time XML access control via NFA-based query rewriting

Research output: Chapter in Book/Report/Conference proceedingConference contribution

50 Scopus citations

Abstract

At present, most of the state-of-the-art solutions for XML access controls are either (1) document-level access control techniques that are too limited to support fine-grained security enforcement; (2) view-based approaches that are often expensive to create and maintain; or (3) impractical proposals that require substantial security-related support from underlying XML databases. In this paper, we take a different approach that assumes no security support from underlying XML databases and examine three alternative fine-grained XML access control solutions, namely primitive, pre-processing and post-processing approaches. In particular, we advocate a pre-processing method called QFilter that uses Non-deterministic Finite Automata (NFA) to rewrite user's query such that any parts violating access control rules are pruned. We show the construction and execution of a QFilter and demonstrate its superiority to other competing methods.

Original languageEnglish (US)
Title of host publicationCIKM 2004: Proceedings of the Thirteenth ACM Conference on Information and Knowledge Management
EditorsD.A. Evans, L. Gravano, O. Herzog, C. Zhai, M. Ronthaler
Pages543-552
Number of pages10
StatePublished - 2004
EventCIKM 2004: Proceedings of the Thirteenth ACM Conference on Information and Knowledge Management - Washington, DC, United States
Duration: Nov 8 2004Nov 13 2004

Other

OtherCIKM 2004: Proceedings of the Thirteenth ACM Conference on Information and Knowledge Management
CountryUnited States
CityWashington, DC
Period11/8/0411/13/04

All Science Journal Classification (ASJC) codes

  • Business, Management and Accounting(all)

Fingerprint Dive into the research topics of 'QFilter: Fine-grained run-time XML access control via NFA-based query rewriting'. Together they form a unique fingerprint.

Cite this