Secure Querying of Recursive XML Views: A Standard XPath-Based Technique
Most state-of-the art approaches for securing XML documents allow users to access data only through authorized views defined by annotating an XML grammar (e.g. DTD) with a collection of XPath expressions. To prevent improper disclosure of confidential information, user queries posed on these views need to be rewritten into equivalent queries on the underlying documents. This rewriting enables them to avoid the overhead of view materialization and maintenance. A major concern here is that query rewriting for recursive XML views is still an open problem. To overcome this problem, some works have been proposed to translate XPath queries into nonstandard ones, called Regular XPath queries. However, query rewriting under Regular XPath can be of exponential size as it relies on automaton model.