摘要
为解决XML管理安全问题,提出了DTD可选的XML访问控制系统OD-XACS(XMLAccess Control System with Op-tional DTD),并给出了安全性分析.OD-XACS支持访问控制规则中带有{//,*,[]}的复杂XPath式.有DTD时,OD-XACS利用XPath式对DTD的可满足性验证访问控制规则的有效性,并对由规则中XPath式构造的不确定有限自动机进行具体化,消除了这些XPath式中的冗余.实验表明,访问控制规则的验证和具体化可以极大地减轻XML查询引擎的负担.
To solve XML managerial security problem, an XML Access Control System with Optional DTD(OD-XACS) is proposed and its security is analyzed. OD-XACS supports complex XPath with {//,* , [ ]} in access control rules. With DTD, access control rules are validated according to XPath satisfiability. Moreover, XPath redundancy in access control rules is partially eliminated by NFA materialization. Experimental results show that validation and redundancy elimination of rules can relieve the burden on XML euerv engine.
出处
《小型微型计算机系统》
CSCD
北大核心
2008年第1期73-79,共7页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(60673126)资助
中国科学院计算机科学重点实验室开放课题基金项目(SYSKF0502)资助
