QFilter: fine-grained run-time XML access control via NFA-based query rewriting

QFilter: fine-grained run-time XML access control via NFA-based query rewriting QFilter: Fine-Grained Run-Time XML Access Control via NFA-based Query Rewriting Bo Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu The Pennsylvania State University, University Park, PA 16802, USA bluo@ist.psu.edu, dongwon@psu.edu, wlee@cse.psu.edu, pliu@ist.psu.edu ABSTRACT At present, most of the state-of-the-art solutions for XML access controls are either (1) document-level access control techniques that are too limited to support fine-grained security enforcement; (2) view-based approaches that are often expensive to create and maintain; or (3) impractical proposals that require substantial security-related support from underlying XML databases. In this paper, we take a different approach that assumes no security support from underlying XML databases and examine three alternative fine-grained XML access control solutions, namely primitive, pre-processing and post-processing approaches. In particular, we advocate a pre-processing method called QFilter that uses Non-deterministic Finite Automata (NFA) to rewrite user's query such that any parts violating access control rules are pruned. We show the construction and execution of a QFilter and demonstrate its superiority to other competing methods. systems (e.g. Apache), is to allow specification and control of data access at the document (or file) level. However, this simple solution is not sufficient for today's XML applications, where data access needs to be performed at http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png

QFilter: fine-grained run-time XML access control via NFA-based query rewriting

Association for Computing Machinery — Nov 13, 2004

Loading next page...
/lp/association-for-computing-machinery/qfilter-fine-grained-run-time-xml-access-control-via-nfa-based-query-N6WvWjIJC1
Datasource
Association for Computing Machinery
Copyright
Copyright © 2004 by ACM Inc.
ISBN
1-58113-874-1
D.O.I.
10.1145/1031171.1031273
Publisher site
See Article on Publisher Site

Abstract

QFilter: Fine-Grained Run-Time XML Access Control via NFA-based Query Rewriting Bo Luo, Dongwon Lee, Wang-Chien Lee, Peng Liu The Pennsylvania State University, University Park, PA 16802, USA bluo@ist.psu.edu, dongwon@psu.edu, wlee@cse.psu.edu, pliu@ist.psu.edu ABSTRACT At present, most of the state-of-the-art solutions for XML access controls are either (1) document-level access control techniques that are too limited to support fine-grained security enforcement; (2) view-based approaches that are often expensive to create and maintain; or (3) impractical proposals that require substantial security-related support from underlying XML databases. In this paper, we take a different approach that assumes no security support from underlying XML databases and examine three alternative fine-grained XML access control solutions, namely primitive, pre-processing and post-processing approaches. In particular, we advocate a pre-processing method called QFilter that uses Non-deterministic Finite Automata (NFA) to rewrite user's query such that any parts violating access control rules are pruned. We show the construction and execution of a QFilter and demonstrate its superiority to other competing methods. systems (e.g. Apache), is to allow specification and control of data access at the document (or file) level. However, this simple solution is not sufficient for today's XML applications, where data access needs to be performed at

There are no references for this article.

You’re reading a free preview. Subscribe to read the entire article.


DeepDyve is your
personal research library

It’s your single place to instantly
discover and read the research
that matters to you.

Enjoy affordable access to
over 18 million articles from more than
15,000 peer-reviewed journals.

All for just $49/month

Explore the DeepDyve Library

Search

Query the DeepDyve database, plus search all of PubMed and Google Scholar seamlessly

Organize

Save any article or search result from DeepDyve, PubMed, and Google Scholar... all in one place.

Access

Get unlimited, online access to over 18 million full-text articles from more than 15,000 scientific journals.

Your journals are on DeepDyve

Read from thousands of the leading scholarly journals from SpringerNature, Wiley-Blackwell, Oxford University Press and more.

All the latest content is available, no embargo periods.

See the journals in your area

DeepDyve

Freelancer

DeepDyve

Pro

Price

FREE

$49/month
$360/year

Save searches from
Google Scholar,
PubMed

Create folders to
organize your research

Export folders, citations

Read DeepDyve articles

Abstract access only

Unlimited access to over
18 million full-text articles

Print

20 pages / month

PDF Discount

20% off