题目： HyXAC: a hybrid approach for XML access control
报告人： Dr. Bo Luo, University of Kansas
While XML has been widely adopted for information sharing over the Internet, the need for efficient XML access control naturally arise. Various XML access control enforcement mechanisms have been proposed in the research community, such as view-based approaches and pre-processing approaches. Each category of solutions has its inherent advantages and disadvantages. For instance, view based approach provides high performance in query evaluation, but suffers from the view maintenance issues.
In this talk, I will first briefly introduce XML access control enforcement mechanisms, especially a pre-processing approach called QFilter. I will then propose a hybrid approach, namely HyXAC: Hybrid XML Access Control. HyXAC provides efficient access control and query processing by maximizing the utilization of available (but constrained) resources. HyXAC first uses the pre-processing approach as a baseline to process queries and define sub-views. In HyXAC, views are not defined in a per-role basis, instead, a sub-view is defined for each access control rule, and roles with identical rules would share the sub-view. Moreover, HyXAC dynamically allocates the available resources (memory and secondary storage) to materialize and cache sub-views to improve query performance. With intensive experiments, we have shown that HyXAC optimizes the usage of system resource, and improves the performance of query processing.
Bo Luo is currently an assistant professor with EECS department at the University of Kansas. He received Ph.D. degree from The Pennsylvania State University in 2008, an M. Phil. degree from the Chinese University of Hong Kong in 2003, and a B.E. from University of Sciences and Technology of China in 2001. He is interested in information retrieval, information security and privacy. He has published in top conferences and journals such as ACM CCS, Multimedia, CIKM, INFOCOM, TKDE, etc.