提出构建基于purpose的对XML数据模式的隐私访问控制策略模型,解决由路径传递引起的查询隐私数据泄漏问题.基于purpose的隐私访问控制策略是一棵最小安全访问树模型.最小安全访问树是一组无冗余路径的以XPath{/,∥,[]}片段表示的路径表达式,XPath{/,∥,[]}是一组允许访问的隐私结点路径.实验表明最小安全树生成时间取决于隐私结点在一个XML文档中的标注时间和冗余路径的判别时间,而隐私结点的标注时间与隐私数据在XML文档中的分布位置有关.最小安全访问树模型能控制隐私数据的查询泄漏.%In this paper, we propose to construct the purpose-based privacy access control policy model for XML data mode, and to solve the problem of query-leakage of privacy data incurred by path transfer. In our approach, the policy is a minimum secure access tree model. And the minimum secure access tree is a group of path expressions expressed by XPath{/,∥,[]}fragments without redundant paths, while thernXPath{/,∥,[]}points to a set of privacy nodes path with access permission. Experimental results show that the generation time of minimumrnsecure tree depends on the labelling time of the private nodes in an XML documents and the discriminating time of redundant paths, and the labelling time is pertinent to the position of privacy data distributed in XML documents. The minimum secure access tree model is able to control the query leakage of private data.
展开▼
