Integration and Efficient Lookup of Compressed XML Accessibility Maps
July 2005 (vol. 17 no. 7)
pp. 939-953
XML is emerging as a useful platform-independent data representation language. As more and more XML data is shared across data sources, it becomes important to consider the issue of XML access control. One promising approach to store the accessibility information is based on the CAM (Compressed Accessibility Map). We make two advancements in this direction: 1) Previous work suggests that for each user group and each operation type, a different CAM is built. We observe that the performance and storage requirements can be further improved by combining multiple CAMs into an ICAM (Integrated CAM). We explore this possibility and propose an integration mechanism. 2) If the change in structure of the XML data is not frequent, we suggest an efficient lookup method, which can be applied to CAMs or ICAMs, with a much lower time complexity compared to the previous approach. We show by experiments the effectiveness of our approach.

Index Terms: XML security, ICAM, CAM, XML accessibility lookup.
Citation:
Mingfei Jiang, Ada Wai-Chee Fu, "Integration and Efficient Lookup of Compressed XML Accessibility Maps," IEEE Transactions on Knowledge and Data Engineering, vol. 17, no. 7, pp. 939-953, July 2005, doi:10.1109/TKDE.2005.111