Access control mechanism for XML document

Abstract

The existing access control has not taken information structures and semantics into full account due to the fundamental limitations of HTML. In addition, access control for XML documents allows only read operations, and there exists the problem of slowing down system performance due to the complex authorization evaluation process. In order to resolve this problem, this paper designs and builds a XACS (XML Access Control System) which is capable of making fined-grained access control. This provides data only corresponding to its users' authority levels by authorizing them to access only the specific items of XML documents when they're searching XML documents. In order to do this, the XACS eliminates certain parts of documents which are inaccessible and transmits parts accessible depending on its users' authority levels. In addition since XML documents are used on the basis of normal web sites, it can be expanded to existing web servers. Ultimately, this paper suggests empirical application to verify the adequacy and the validity with the proposed method. Accordingly, the satisfaction and the quality of mechanism will be improved the XML document.