An Integrated Access Control for Securely Querying and Updating XML Data
Many existing access controls use node filtering or querying rewriting techniques. These techniques require rather time-consuming processes such as parsing, labeling, pruning and/or rewriting queries into safe ones each time a user requests a query or takes an action. In this paper, the authors propose a fine-grained access control model, named SecureX, which supports read and write privileges. With their novel access control concept, various access types are introduced, including those for determining if a user has the right to change XML structure.