Secure XML Querying with Security Views

This paper introduces a novel paradigm for specifying XML security constraints and investigates the enforcement of such constraints during XML query evaluation. Our approach is based on the novel concept of security views, which are essentially DTD schemas that (a) expose only the necessary schema information to authorizes users, and (b) employ XPath query annotations to describe the access paths to the relevant parts of the XML document. We propose an efficient algorithm for deriving security views from security specifications on the original document DTD. We also develop novel algorithms for XPath query rewriting and optimization.