Kuper, Gabriel and Massacci, Fabio and Rassadko, Nataliya (2005) Query Rewriting over Generalized XML Security Views. UNSPECIFIED. (Unpublished)
We investigate the experimental effectiveness of XML security views. Our model consists of access control policies specified over DTDs with XPath expression for data-dependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that is used by users for query formulation. To avoid the overhead of view materialization in query answering, these queries later undergo rewriting so that they are valid over the original DTD schema, and thus the query answer is computed from the original XML data. We provide an algorithm for query rewriting and show its performance compared with the naive approach, i.e. the approach that requires view materialization.
Actions (login required)