An integrated framework of techniques that help specify represent and enforce a flexible access control model for XML data repositories is presented.

The amount of stored data, both personal and organizational, has grown exponentially in the last decade and recent trends indicate that this growth rate has increased significantly. The data explosion is not limited to traditional relational data and data that can be fit in relational tables. There has been a surge in the use of semi-structured data formats such as XML. XML is also fast becoming the standard for data exchange between incompatible data sources, a medium for sharing data and finally a medium for storing data. Research on XML has traditionally focused on developing efficient mechanisms to store and manage XML data either as a part of a relational database or using native XML stores. However, given the increase in the usage of XML, it is not beyond reason to fathom situations where different user groups have different access privileges on the XML data. This creates a need for an efficient access control mechanism for XML.

An access control engine should have two primary capabilities: constraint specification and constraint enforcement. At the constraint definition level, it should support a language with the ability to define the nature of the constraints that needs to be enforced. At the constraint enforcement level, it should support a mechanism to prevent the user from accessing the data that has been blocked. The problem of access control in XML has many similarities to access control in relational and object-oriented databases. However, the semi-structured nature of XML introduces the following challenges: (a) Sensitive information is contained not just in the data nodes but also in the structural relationships between data nodes. Access control models must be expressive enough to specify constraints on both data nodes as well as structural relationships. (b) XML data is commonly derived from relational tables and is used as a data exchange standard between different domains. Such data is constantly updated and access constraint enforcement techniques must be able to work efficiently in this scenario. The goal of this research is to develop a framework of techniques that can be used to design, specify, represent and enforce access control efficiently on XML data repositories. To this end this research introduces the following: (1) An infrastructure for access control on XML documents - designing, specifying security constraints and enforcing the same via query rewrites, avoiding view materialization. (2) A declarative access constraint specification language on XML to assist system users in specifying access constraints on XML data repositories. The power of the language will not be constrained by a specific implementation mechanism but will be generic enough to accommodate several existing access control strategies. (3) An algebraic security view specification language SSX, which provides a representation of the declarative access constraint specification language and enables conditionally hiding and reorganizing XML elements/subtrees. (4) A mechanism for representing the access constraints internally and a query rewrite algorithm that takes a user query and rewrites it to reflect all the specified access constraints. The rewritten query will reveal only the information that is accessible to the user group. (5) A conceptual modeling approach for XML - XER that provides the database designer with the ability to design the data model at a conceptual level.