The rapid emergence of XML as a standard for data exchange
over the Web has led to considerable interest in the problem of securing
XML documents. In this context, query evaluation engines need to ensure
that user queries only use and return XML data the user is allowed to
access.
These added access control checks increase the security of the system, but they can also considerably increase query evaluation time. In this project, we consider the problem of securing the evaluation of XML twig queries. We have also addressed the evaluation-time issue with a simple rule: 'Self or nearest capable Ancestor'. In the first implementation, most of the work went toward a completely secure database rather than efficiency.
We focus on the simple, but useful, multi-level access control model,
where a security level can be either specified at an XML element, or inherited
from its parent. For this model, secure query evaluation is possible by
rewriting the query to use a recursive function that computes an element's
security level. Based on security information in the DTD, we devise efficient
algorithms that optimally determine when the recursive check can be eliminated,
and when it can be simplified to just a local check on the element's attributes,
without violating the access control policy.
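The inherited-level check described above, applied to a small twig query, as an added example that is not XmlSecure's own code. Assumptions: the attribute name `seclevel`, integer levels where a higher number is more restricted, a default level of 0 for an unlabeled root, and the constructed sample document.

```python
import xml.etree.ElementTree as ET

LEVEL_ATTR = "seclevel"  # hypothetical attribute name, not taken from the project
DEFAULT_LEVEL = 0        # assumption: nothing labeled up to the root means public

# Constructed sample document: levels are set on some elements, inherited elsewhere.
DOC = """<hospital seclevel="1">
  <patient>
    <name>Ann</name>
    <diagnosis seclevel="3">flu</diagnosis>
    <billing seclevel="2"><amount>120</amount></billing>
  </patient>
  <patient seclevel="3">
    <name>Bob</name>
    <diagnosis>asthma</diagnosis>
  </patient>
</hospital>"""

def parent_map(root):
    # ElementTree keeps no parent pointers, so build child -> parent once.
    return {child: parent for parent in root.iter() for child in parent}

def effective_level(elem, parents):
    """Level of the element itself, else of its nearest labeled ancestor."""
    while elem is not None:
        if LEVEL_ATTR in elem.attrib:
            return int(elem.attrib[LEVEL_ATTR])
        elem = parents.get(elem)  # None once we step above the root
    return DEFAULT_LEVEL

def secure_twig(root, node_path, branch, clearance):
    """Evaluate the twig node_path[branch]; every matched query node must be
    readable at `clearance`, both the returned node and the branch it tests."""
    parents = parent_map(root)

    def readable(e):
        return effective_level(e, parents) <= clearance

    return [e for e in root.findall(node_path)
            if readable(e) and any(readable(b) for b in e.findall(branch))]

if __name__ == "__main__":
    root = ET.fromstring(DOC)
    for clearance in (1, 3):
        hits = secure_twig(root, ".//patient", "diagnosis", clearance)
        print(clearance, [p.findtext("name") for p in hits])
```

At clearance 1 the first patient is readable but its diagnosis is not, so the twig returns nothing rather than revealing that a diagnosis exists.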
Here is a link to show how XmlSecure works