|
| | | |
Privacy-Aware Access Control in XML Databases
Landberg, A. H., Rahayu, J. W. and Pardede, E.
With the growing use of XML for data transfer and data storage across the web, securing XML documents has become an important issue. The XML privacy and data access control issues are especially significant in XML data repositories because they typically store large collections of highly sensitive business data, health information, etc. Protecting privacy by only restricting access to individual nodes in the XML document tree is not sufficient, as combinations of nodes and aggregations thereof can lead to disclosure of sensitive information. Moreover, a mechanism is required to cope with such combined data privacy levels, as they must be validated on query-time. Extending from XML access control models, this paper proposes a privacy-aware access control model for XML with composite security levels, which adds a further level of fine-granularity to existing ap- proaches. In order to enforce these composite secu- rity levels, we then introduce a methodology based on path-triggers. Finally, we evaluate the performance of our new approach using three different implementation techniques. |
Cite as: Landberg, A. H., Rahayu, J. W. and Pardede, E. (2010). Privacy-Aware Access Control in XML Databases. In Proc. 21st Australasian Database Conference (ADC 2010) Brisbane, Australia. CRPIT, 104. Shen H.T. and Bouguettaya, A. Eds., ACS. 85-92 |
(from crpit.com)
(local if available)
|
|