Browse > Article
http://dx.doi.org/10.3745/KIPSTD.2008.15-D.4.441

Efficient Evaluation of Shared Predicates for XForms Page Access Control  

Lee, Eun-Jung (경기대학교 컴퓨터과학)
Abstract
Recently, access control on form-based web information systems has become one of the useful methods for implementing client systems in a service-oriented architecture. In particular, XForms language is being adopted in many systems as a description language for XML-based user interfaces and server interactions. In this paper, we propose an efficient algorithm for the evaluation of XPath-based access rules for XForms pages. In this model, an XForms page is a sequence of queries and the client system performs user interface realization along with XPath rule evaluations. XPath rules have instance-dependent predicates, which for the most part are shared between rules. For the efficient evaluation of shared predicate expressions in access control rules, we proposed a predicate graph model that reuses the previously evaluated results for the same context node. This approach guarantees that each predicate expression is evaluated for the relevant xml node only once.
Keywords
Access Control; Shared Predicates; XPath; XForms;
Citations & Related Records
연도 인용수 순위
  • Reference
1 S. Thompson, and T. Torabi, “A Process Improvement Approach to Improve Web Form Design and Usability,” 18th International Conference on Database and Expert Systems Applications, pp.570-574, 2007   DOI
2 C.-H. Lim, S. Park, and S. H. Son. “Access control of xml documents considering update operations,” Proceedings of the 2003 ACM workshop on XML security, pp.49-59, NewYork, USA, 2003   DOI
3 J. Jeon, Y. Chung, M. Kim, Y. Lee, “Filtering XPath expressions for XML access control,” Computers and Security Vol.23, pp. 591-605, 2004   DOI   ScienceOn
4 J. He, amd I. Yen, “Adaptive User Interface Generation for Web Services,” Proceedings of the IEEE International Conference on e-Business Engineering, pp.536-539, 2007   DOI
5 T. Calders, S. Dekeyser, J. Hidders, and J. Paredaens, “Analyzing workflows implied by instane-dependent access rules,” PODS'06, pp.100-109, Chicago, USA, June, 2006
6 A. Gupta and D. Suciu, “Stream processing of xpath queries with predicates,” Proceedings of the 2003 ACM SIGMOD international conference on Management of data, pp.419-430, San Diego, California, 2003   DOI
7 S. Hou, and H. Jacobson, “Predicate-based filtering of XPath expressions,” ICDE'06, pp.53-53, 2006   DOI
8 K. Song, and K. Lee, “An automated generation of xforms interfaces for web services,” IEEE International Conference on Web Services 2007, pp.856-863, Seoul, Korea, July 2007   DOI
9 Carminati, B. and Ferrari, E., “AC-XML Documents: Improving the Performance of a Web Access Control Module,” In Proc. 10th ACM Symp. on Access Control Models and Technologies, pp. 67-76, Stockholm, Sweden, June, 2005   DOI
10 유가연, “오픈 API 플랫폼을 위한 XForms 브라우저 개발,” 석사학위논문, 경기대학교 일반대학원 컴퓨터과학과, 2007
11 월드와이드웹, XML, DTD, XPath, 기타 표준, http://www.w3c.org
12 Damiani, E. et al., “A Fine-Grained Access Control System for XML Documents,” ACM Trans. on Information and System Security, Vol.5, No.2, pp.169-202, May 2002   DOI
13 B. Luo, D. Lee, W.-C. Lee, and P. Liu, “QFlter:Fine-grained run-time xml access control via nfa-based query rewriting,” Proceedings of the thirteenth ACM international conference on Information and knowledge management, pp.543.552, NewYork, USA, 2004
14 InfoPath 2007, http://office.microsoft.com/infopath
15 M. Murata, A. Tozawa, and M. Kudo, “XML Access Control Using Static Analysis,” In Proc. 10th ACM Conf. on Computer and Communications Security, pp.73-84, Washingtion DC, USA, Oct., 2003   DOI
16 E. Bruchez, “XForms and the eXist XML database: a perfect couple,” Wellesley, XML Conference and Exibition, Marriott Copley Place Boston, Massachusetts, USA, December 2007
17 Fundulaki, I.andMarx, M.,“Specifying Access Control Policies for XML Documents with XPath,” In Proc. 9th ACM Symp. on Access Control Models and Technologies, pp.61-69, Yorktown Heights, New York, June, 2004   DOI
18 J. Lee, K. Whang, W. Han, and I. Song, “The dynamic predicate: integrating access control with query processing in XML databases,” VLDB Journal, Vol.16, No.3, pp.371-387, July, 2007   DOI