PAPER DIGEST
Most Influential CIKM 2004 Paper · 2026-03 edition

QFilter: Fine-grained Run-time XML Access Control Via NFA-based Query Rewriting

Bo Luo; Dongwon Lee; Wang-Chien Lee; Peng Liu

Venue
ACM Conference on Information and Knowledge Management (CIKM) 2004
Recognition
Most Influential CIKM 2004 Paper (Rank No. 15)
Edition
2026-03
Impact factor
5
Certificate ID
a7bb57c3ceb68a11

Abstract

At present, most of the state-of-the-art solutions for XML access controls are either (1) document-level access control techniques that are too limited to support fine-grained security enforcement; (2) view-based approaches that are often expensive to create and maintain; or (3) impractical proposals that require substantial security-related support from underlying XML databases. In this paper, we take a different approach that assumes no security support from underlying XML databases and examine three alternative fine-grained XML access control solutions, namely <i>primitive, pre-processing</i> and <i>post-processing</i> approaches. In particular, we advocate a pre-processing method called <i>QFilter</i> that uses Non-deterministic Finite Automata (NFA) to rewrite user's query such that any parts violating access control rules are pruned. We show the construction and execution of a QFilter and demonstrate its superiority to other competing methods.

Download PDF certificate