The KIPS Transactions:PartD (정보처리학회논문지D)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

Efficient Evaluation of Shared Predicates for XForms Page Access Control

XForms 페이지의 접근제어를 위한 공유 조건식의 효율적 계산 방법

  • 이은정 (경기대학교 컴퓨터과학)
  • Published : 2008.08.29
Download PDF
⟨ Previous Next ⟩

Abstract

Recently, access control on form-based web information systems has become one of the useful methods for implementing client systems in a service-oriented architecture. In particular, XForms language is being adopted in many systems as a description language for XML-based user interfaces and server interactions. In this paper, we propose an efficient algorithm for the evaluation of XPath-based access rules for XForms pages. In this model, an XForms page is a sequence of queries and the client system performs user interface realization along with XPath rule evaluations. XPath rules have instance-dependent predicates, which for the most part are shared between rules. For the efficient evaluation of shared predicate expressions in access control rules, we proposed a predicate graph model that reuses the previously evaluated results for the same context node. This approach guarantees that each predicate expression is evaluated for the relevant xml node only once.

최근 폼 기반의 웹 시스템에 대한 접근 제어 방법이 서비스 기반 아키텍처를 가지는 클라이언트 시스템 구현에 유용한 방법으로 주목받고있다. 특히 XForms 언어는 서버와 상호작용하는 XML 기반의 사용자 인터페이스를 기술하는 언어로 많이 채용되고 있다. 이 논문에서는 XForms 페이지에 대한 XPath 기반의 접근 제어 규칙을 효율적으로 계산하는 알고리즘을 제안한다. XForms 페이지는 바인딩된 XML 노드에대한 연속된 질의로 모델링할 수 있으며 클라이언트 시스템은 사용자 인터페이스를 생성하면서 XPath 규칙을 계산한다. XPath 규칙은 인스턴스 데이터를 이용하는 조건부를 가지는데 이 조건부의 계산이 규칙들 사이에 또 연속된 질의 사이에 중복되는 경우가 많다. 중복되는 조건부의 효율적인 계산을 위해서 조건부 그래프 모델을 제안하여 동일한 컨텍스트 노드에 대해 이전에 계산된 결과를 재사용하는 방법을 제안하였다. 이 방법은 각 조건부 식이 해당되는 XML 노드에 대해 한번만 계산되는 것을 보장한다.

Keywords

References

  1. Damiani, E. et al., “A Fine-Grained Access Control System for XML Documents,” ACM Trans. on Information and System Security, Vol.5, No.2, pp.169-202, May 2002 https://doi.org/10.1145/505586.505590
  2. B. Luo, D. Lee, W.-C. Lee, and P. Liu, “QFlter:Fine-grained run-time xml access control via nfa-based query rewriting,” Proceedings of the thirteenth ACM international conference on Information and knowledge management, pp.543.552, NewYork, USA, 2004
  3. InfoPath 2007, http://office.microsoft.com/infopath
  4. S. Thompson, and T. Torabi, “A Process Improvement Approach to Improve Web Form Design and Usability,” 18th International Conference on Database and Expert Systems Applications, pp.570-574, 2007 https://doi.org/10.1109/DEXA.2007.53
  5. 월드와이드웹, XML, DTD, XPath, 기타 표준, http://www.w3c.org
  6. E. Bruchez, “XForms and the eXist XML database: a perfect couple,” Wellesley, XML Conference and Exibition, Marriott Copley Place Boston, Massachusetts, USA, December 2007
  7. Fundulaki, I.andMarx, M.,“Specifying Access Control Policies for XML Documents with XPath,” In Proc. 9th ACM Symp. on Access Control Models and Technologies, pp.61-69, Yorktown Heights, New York, June, 2004 https://doi.org/10.1145/990036.990046
  8. C.-H. Lim, S. Park, and S. H. Son. “Access control of xml documents considering update operations,” Proceedings of the 2003 ACM workshop on XML security, pp.49-59, NewYork, USA, 2003 https://doi.org/10.1145/968559.968568
  9. J. Lee, K. Whang, W. Han, and I. Song, “The dynamic predicate: integrating access control with query processing in XML databases,” VLDB Journal, Vol.16, No.3, pp.371-387, July, 2007 https://doi.org/10.1007/s00778-006-0037-7
  10. M. Murata, A. Tozawa, and M. Kudo, “XML Access Control Using Static Analysis,” In Proc. 10th ACM Conf. on Computer and Communications Security, pp.73-84, Washingtion DC, USA, Oct., 2003 https://doi.org/10.1145/948109.948122
  11. J. Jeon, Y. Chung, M. Kim, Y. Lee, “Filtering XPath expressions for XML access control,” Computers and Security Vol.23, pp. 591-605, 2004 https://doi.org/10.1016/j.cose.2004.06.009
  12. T. Calders, S. Dekeyser, J. Hidders, and J. Paredaens, “Analyzing workflows implied by instane-dependent access rules,” PODS'06, pp.100-109, Chicago, USA, June, 2006
  13. A. Gupta and D. Suciu, “Stream processing of xpath queries with predicates,” Proceedings of the 2003 ACM SIGMOD international conference on Management of data, pp.419-430, San Diego, California, 2003 https://doi.org/10.1145/872757.872809
  14. S. Hou, and H. Jacobson, “Predicate-based filtering of XPath expressions,” ICDE'06, pp.53-53, 2006 https://doi.org/10.1109/ICDE.2006.115
  15. K. Song, and K. Lee, “An automated generation of xforms interfaces for web services,” IEEE International Conference on Web Services 2007, pp.856-863, Seoul, Korea, July 2007 https://doi.org/10.1109/ICWS.2007.35
  16. J. He, amd I. Yen, “Adaptive User Interface Generation for Web Services,” Proceedings of the IEEE International Conference on e-Business Engineering, pp.536-539, 2007 https://doi.org/10.1109/ICEBE.2007.82
  17. Carminati, B. and Ferrari, E., “AC-XML Documents: Improving the Performance of a Web Access Control Module,” In Proc. 10th ACM Symp. on Access Control Models and Technologies, pp. 67-76, Stockholm, Sweden, June, 2005 https://doi.org/10.1145/1063979.1063993
  18. 유가연, “오픈 API 플랫폼을 위한 XForms 브라우저 개발,” 석사학위논문, 경기대학교 일반대학원 컴퓨터과학과, 2007