Informatics Report Series



Related Pages

Report (by Number) Index
Report (by Date) Index
Author Index
Institute Index

Title:Secure XML Querying with Security Views
Authors: Wenfei Fan ; MInos Garofalakis ; Chee Yong Chan
Date:Jun 2004
Publication Title:Proceedings of SIGMOD 2004 (International Conference on Management of Data)
Publication Type:Conference Paper Publication Status:Published
Page Nos:587-598
DOI:10.1145/1007568.1007634 ISBN/ISSN:1-58113-85
The prevalent use of XML highlights the need for a generic, flexible access-control mechanism for XML documents that supports efficient and secure query access, without revealing sensitive information to unauthorized users. This paper introduces a novel paradigm for specifying XML security constraints and investigates the enforcement of such constraints during XML query evaluation. Our approach is based on the novel concept of security views, which provide for each user group (a) an XML view consisting of all and only the information that the users are authorized to access, and (b) a view DTD that the XML view conforms to. Security views effectively protect sensitive data from access and potential inferences by unauthorized users, and provide authorized users with necessary schema information to facilitate effective query formulation and optimization. We propose an efficient algorithm for deriving security view definitions from security policies (defined on the original document DTD) for different user groups. We also develop novel algorithms for XPath query rewriting and optimization such that queries over security views can be efficiently answered without materializing the views. Our algorithms transform a query over a security view to an equivalent query over the original document, and effectively prune query nodes by exploiting the structural properties of the document DTD in conjunction with approximate XPath containment tests. Our work is the first to study a flexible, DTD-based access-control model for XML and its implications on the XML query-execution engine. Furthermore, it is among the first efforts for query rewriting and optimization in the presence of general DTDs for a rich class of XPath queries. An empirical study based on real-life DTDs verifies the effectiveness of our approac
Links To Paper
The ACM Digital Library
Bibtex format
author = { Wenfei Fan and MInos Garofalakis and Chee Yong Chan },
title = {Secure XML Querying with Security Views},
book title = {Proceedings of SIGMOD 2004 (International Conference on Management of Data)},
publisher = {ACM},
year = 2004,
month = {Jun},
pages = {587-598},
doi = {10.1145/1007568.1007634},
url = {},

Home : Publications : Report 

Please mail <> with any changes or corrections.
Unless explicitly stated otherwise, all material is copyright The University of Edinburgh