Presentation is loading. Please wait.

Presentation is loading. Please wait.

Compressed Accessibility Map: Efficient Access Control for XML Ting Yu : University of Illinois Divesh Srivastava : AT&T Labs Laks V.S. Lakshmanan : University.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Compressed Accessibility Map: Efficient Access Control for XML Ting Yu : University of Illinois Divesh Srivastava : AT&T Labs Laks V.S. Lakshmanan : University."— Presentation transcript:

1 Compressed Accessibility Map: Efficient Access Control for XML Ting Yu : University of Illinois Divesh Srivastava : AT&T Labs Laks V.S. Lakshmanan : University of British Columbia H.V. Jagadish : University of Michigan

2 Information Sharing in business over the Internet XML as a standard information exchange/sharing format Direct access to XML documents  Offer advantages in terms of cost, accuracy and timeliness Security is crucial  Nature of selective access in this context is complex

3 Access Control for XML Fine-grained access control  Business relationship is sophisticated  Constraints on tag/attribute level instead of only on document level  Complex access control rules Efficient evaluation of data’s accessibility is desired  Focus of this talk

4 An Example XML Document with Access Control Info. … The purpose of … Access Control … … ….. *based on examples in [Damiani et al. 2000]

5 Two Potential Approaches Approach 1: use access control rules directly  Pros: Flexible  Cons: Time-inefficient Approach 2: fully materialized accessibility map (access control list)  Pros: Time-efficient  Cons: Space-inefficient

6 Our Approach Compressed Accessibility Map (CAM)  Take advantage of structural locality of accessibility  Index accessibility information in a compressed way  Both time-efficient and space-efficient

7 Structural Locality of Accessibility Data items grouped together have similar accessibility properties Common in hierarchically-structured data like XML [Bertino et al. 1999][Damiani et al. 2000]  Declarative authorization rules based on hierarchical structures  Accessibility propagation and overriding

8 Compressed Accessibility Map (CAM) Essentially an accessibility index Maintain a CAM for each user and access type Identify “crucial” data items and store extra accessibility information on them Other data items’ accessibility can be inferred efficiently

9 Identify Crucial Data Items A BG CD EF H IJ Accessible node Inaccessible node A B (d+,s+) (d-,s+)

10 Ancestor Accessibility and Unit Regions If a node is accessible, so are its ancestors A unit region is a maximal subgraph of an XML database such that ancestor accessibility holds Easy to partition an XML database into unit regions

11 Unit Region Partition A C EFIJ Accessible node Inaccessible node B D G H

12 CAM for Unit Regions Allowed labels in unit region cam  (d+,s+), (d-,s+) and (d-,s-) Inference rules  Label on a node is most specific, thus overrides other inferences  Ancestor accessibility overrides descendents’ inference  Nearest labeled ancestor overrides other labeled ancestors

13 J I A DKL CEFM GH B Valid CAM A DL F Accessible node Inaccessible node KB CE GH IM A D IF B E GHLK M (d-,s+) (d+,s+) J C J Accessibility Unknown

14 CAM Lookup Algorithm Given a node e, look up CAM  If e is labeled, check the sign of self label s  If e has labeled descendents, e is accessible  Get e’s nearest labeled ancestor f. e’s accessibility is determined by the sign of f’s label d. Complexity: proportion to the product of the depth of e in the XML tree and log of the size of CAM.

15 Optimal Unit Region CAM CAM with minimum size  Space-efficient  Also reduce lookup time Build optimal CAM  Assign labels to each data node in a bottom- up way  Remove redundant labels

16 Redundant Labels: Induced labels Labels that are the same as what is inferred from its ancestors’ labels A B C DE (d+,s+) (d-,s+) (d-,s-) redundant Accessible node Inaccessible node

17 Redundant Labels: Upward Redundant Labels labels that can be inferred from its descendents’ labels A B (d-,s+) (d+,s+) C E DF (d-,s+) Accessible node Inaccessible node redundant

18 Build Optimal CAM Assign labels in a bottom-up way  Accessible leaf (d+,s+), inaccessible leaf (d-,s-)  Internal nodes’ labels is assigned according to children’s labels Remove redundant labels  First remove induced labels  Then remove upward redundant labels

19 Build Optimal CAM Accessible node Inaccessible node A DL F KB CE GH IM J (d?,s+) (d+,s+) (d-,s+)(d+,s+) (d-,s-) (d-,s+) (d-,s-) (d+,s+) (d-,s-) (d-,s+)

20 CAM for Multi Unit Regions Only need to mark out those nodes (marker nodes) that start a unit region  Build optimal CAM for each unit region  Combine CAM for each unit regions Lookup algorithm is almost the same, but need to take marker nodes into consideration.  complexity remains the same

21 Further Compression in CAM for Multiple Unit Regions A C EFIJ B D G H HH (d+,s+)

22 Experimental Verification Metric – compression ratio  Size of CAM / fully materialized accessibility map Synthetic data set  Generated by IBM XML generator  Study accessibility locality’s impact on compression ratio of CAM Real data set  Large file systems with real access control data

23 Impact of Accessibility Locality Compression ratio when accessible nodes are uniformly distributed in the XML tree

24 Impact of Accessibility Locality Compression ratio when accessibility locality is high

25 Conclusion Compressed accessibility map as an efficient way to evaluate access control data for XML documents  Time-efficient and space-efficient Future work  Better support for incremental CAM updates  Take advantage of commonalities of users’ access rights and globally optimize CAM

Download ppt "Compressed Accessibility Map: Efficient Access Control for XML Ting Yu : University of Illinois Divesh Srivastava : AT&T Labs Laks V.S. Lakshmanan : University."

Similar presentations

A View Based Security Framework for XML Wenfei Fan, Irini Fundulaki, Floris Geerts, Xibei Jia, Anastasios Kementsietsidis University of Edinburgh Digital.

A View Based Security Framework for XML Wenfei Fan, Irini Fundulaki, Floris Geerts, Xibei Jia, Anastasios Kementsietsidis University of Edinburgh Digital.
Hierarchical Cellular Tree: An Efficient Indexing Scheme for Content-Based Retrieval on Multimedia Databases Serkan Kiranyaz and Moncef Gabbouj.

Hierarchical Cellular Tree: An Efficient Indexing Scheme for Content-Based Retrieval on Multimedia Databases Serkan Kiranyaz and Moncef Gabbouj.
BiG-Align: Fast Bipartite Graph Alignment

BiG-Align: Fast Bipartite Graph Alignment
Fast Algorithms For Hierarchical Range Histogram Constructions

Fast Algorithms For Hierarchical Range Histogram Constructions
1 Abdeslame ALILAOUAR, Florence SEDES Fuzzy Querying of XML Documents The minimum spanning tree IRIT - CNRS IRIT : IRIT : Research Institute for Computer.

1 Abdeslame ALILAOUAR, Florence SEDES Fuzzy Querying of XML Documents The minimum spanning tree IRIT - CNRS IRIT : IRIT : Research Institute for Computer.
FP (FREQUENT PATTERN)-GROWTH ALGORITHM ERTAN LJAJIĆ, 3392/2013 Elektrotehnički fakultet Univerziteta u Beogradu.

FP (FREQUENT PATTERN)-GROWTH ALGORITHM ERTAN LJAJIĆ, 3392/2013 Elektrotehnički fakultet Univerziteta u Beogradu.
Schema Summarization cong Yu Department of EECS University of Michigan H. V. Jagadish Department of EECS University of Michigan

Schema Summarization cong Yu Department of EECS University of Michigan H. V. Jagadish Department of EECS University of Michigan
ViST: a dynamic index method for querying XML data by tree structures Authors: Haixun Wang, Sanghyun Park, Wei Fan, Philip Yu Presenter: Elena Zheleva,

ViST: a dynamic index method for querying XML data by tree structures Authors: Haixun Wang, Sanghyun Park, Wei Fan, Philip Yu Presenter: Elena Zheleva,
Using Trees to Depict a Forest Bin Liu, H. V. Jagadish EECS, University of Michigan, Ann Arbor Presented by Sergey Shepshelvich 1.

Using Trees to Depict a Forest Bin Liu, H. V. Jagadish EECS, University of Michigan, Ann Arbor Presented by Sergey Shepshelvich 1.
Database management concepts Database Management Systems (DBMS) An example of a database (relational) Database schema (e.g. relational) Data independence.

Database management concepts Database Management Systems (DBMS) An example of a database (relational) Database schema (e.g. relational) Data independence.
Basic Data Mining Techniques

Basic Data Mining Techniques
1 Indexing and Querying XML Data for Regular Path Expressions A Paper by Quanzhong Li and Bongki Moon Presented by Amnon Shochot.

1 Indexing and Querying XML Data for Regular Path Expressions A Paper by Quanzhong Li and Bongki Moon Presented by Amnon Shochot.
Chapter 3: Data Storage and Access Methods

Chapter 3: Data Storage and Access Methods
1 Chapter 2 Reviewing Tables and Queries. 2 Chapter Objectives Identify the steps required to develop an Access application Specify the characteristics.

1 Chapter 2 Reviewing Tables and Queries. 2 Chapter Objectives Identify the steps required to develop an Access application Specify the characteristics.
Overview of Search Engines

Overview of Search Engines
Advanced Topics in Algorithms and Data Structures 1 An example.

Advanced Topics in Algorithms and Data Structures 1 An example.
By Ravi Shankar Dubasi Sivani Kavuri A Popularity-Based Prediction Model for Web Prefetching.

By Ravi Shankar Dubasi Sivani Kavuri A Popularity-Based Prediction Model for Web Prefetching.
 Zhichun Li  The Robust and Secure Systems group at NEC Research Labs  Northwestern University  Tsinghua University 2.

 Zhichun Li  The Robust and Secure Systems group at NEC Research Labs  Northwestern University  Tsinghua University 2.
Extracting Places and Activities from GPS Traces Using Hierarchical Conditional Random Fields 2012311529 Yong-Joong Kim Dept. of Computer Science Yonsei.

Extracting Places and Activities from GPS Traces Using Hierarchical Conditional Random Fields Yong-Joong Kim Dept. of Computer Science Yonsei.
Xpath Query Evaluation. Goal Evaluating an Xpath query against a given document – To find all matches We will also consider the use of types Complexity.

Xpath Query Evaluation. Goal Evaluating an Xpath query against a given document – To find all matches We will also consider the use of types Complexity.

Similar presentations

Ads by Google