Encyclopedia of Database Systems

2018 Edition
| Editors: Ling Liu, M. Tamer Özsu

XML Access Control

  • Dongwon LeeEmail author
  • Ting Yu
Reference work entry
DOI: https://doi.org/10.1007/978-1-4614-8265-9_790


XML access control refers to the practice of limiting access to (parts of) XML data to only authorized users. Similar to access control over other types of data and resources, XML access control is centered around two key problems: (i) the development of formal models for the specification of access control policies over XML data; and (ii) techniques for efficient enforcement of access control policies over XML data.

Historical Background

Access control is one of the fundamental security mechanisms in information systems. It is concerned with who can access which information under what circumstances. The need for access control arises naturally when a multi-user system offers selective access to shared information. As one of the oldest problems in security, access control has been studied extensively in a variety of contexts, including operating systems, databases, and computer networks.

The most influential policy models today are discretional access control (DAC),...

This is a preview of subscription content, log in to check access.

Recommended Reading

  1. 1.
    Bertino E, Ferrari E. Secure and selective dissemination of XML documents. ACM Trans Inform Syst Secur. 2002;5(3):290–331.CrossRefGoogle Scholar
  2. 2.
    Bouganim L, Ngoc FD, Pucheral P. Client-based access control management for XML documents. In: Proceedings of the 30th International Conference on Very Large Data Bases; 2004. p. 84–95.CrossRefGoogle Scholar
  3. 3.
    Cho S, Amer-Yahia S, Lakshmanan LVS, Srivastava D. Optimizing the secure evaluation of twig queries. In: Proceedings of the 28th International Conference on Very Large Data Bases; 2002. p. 490–501.CrossRefGoogle Scholar
  4. 4.
    Damiani E, Vimercati S, Paraboschi S, Samarati P. A fine-grained access control system for XML documents. ACM Trans Inform Syst Secur. 2002;5(2):169–202.CrossRefGoogle Scholar
  5. 5.
    Fan W, Chan CY, Garofalakis M. Secure XML querying with security views. In: Proceedings of the ACM SIGMOD International Conference on Management of Data; 2004. p. 587–98.Google Scholar
  6. 6.
    Koudas N, Rabinovich M, Srivastava D, Yu T. Routing XML queries. In: Proceedings of the 20th International Conference on Data Engineering; 2004. p. 844.Google Scholar
  7. 7.
    Kudo M, Hada S. XML document security based on provisional authorization. In: Proceedings of the 7th ACM Conference on Computer and Communications Security; 2002. p. 87–96.Google Scholar
  8. 8.
    Li F, Luo B, Liu P, Lee D, Chu CH. Automaton segmentation: a new approach to preserve privacy in XML information brokering. In: Proceedings of the 14th ACM Conference on Computer and Communications Security; 2007. p. 508–18.Google Scholar
  9. 9.
    Luo B, Lee D, Lee WC, Liu P. QFilter: fine-grained run-time XML access control via NFA-based query rewriting. In: Proceedings Intrnational Conference on Information and Knowledge Management; 2004. p. 543–52.Google Scholar
  10. 10.
    Murata M, Tozawa A, Kudo M. XML access control using static analysis. In: Proceedings of the 10th ACM Conference on Computer and Communication Security; 2003. p. 73–84.Google Scholar
  11. 11.
    Yu T, Srivastava D, Lakshmanan LVS, Jagadish HV. A compressed accessibility map for XML. ACM Trans Database Syst. 2004;29(2):363–402.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.The Pennsylvania State UniversityParkUSA
  2. 2.North Carolina State UniversityRaleighUSA

Section editors and affiliations

  • Sihem Amer-Yahia
    • 1
  1. 1.Laboratoire d'Informatique de GrenobleCNRS and LIGGrenobleFrance