Access control for XML - a dynamic query rewriting approach

We introduce the notion of views as a mechanism for securing and providing access control in the context of XML. Research in XML has explored several efficient querying mechanisms. Hiding sensitive data from unauthorized users is as important as supporting efficient querying of visible data. However, given the semi-structured nature of XML data, this is non-trivial, as access control can be applied on the values of nodes as well as on the structural relationship between nodes. In this context, we present an algebraic security view specification language SSX for DBAs to specify security constraints for different user groups. A Security Annotated Schema (SAS) is proposed as the internal representation for the security views and can be automatically constructed from the original schema and the security view specification sequence used to define the security constraint. We also propose a set of rules that can be used to rewrite user XPath queries on the security view into an equivalent XQuery expression that can be executed against the original data, with the guarantee that the users only see information in the view and not infer any data that was blocked. Experimental evaluation demonstrates that our approach is expressive and efficient.