Efficient Access Control Mechanism for XML Databases Using Web Services

Abstract

XML document are frequently used in application such as business transaction and medical record involving sensitive information. Typically, parts of xml documents should be visible to users depending on their roles. And then access control on the basis of data location or value in an XML document is essential. Additionally, web services are application components that are designed to support interoperable machine-tomachine interaction over a network. This interoperability is gained through a set of XMLbased open standards, such as the Web Services Description Language (WSDL), the Simple Object Access Protocol (SOAP), and Universal Description, Discovery, and Integration (UDDI). These standards provide a common and interoperable approach for defining, publishing, and using web services. This paper describes the design of an Access Control System using Web Services for xml data and access right management. And then we present an overview of the access control mechanism to build access control services around a Web Services model and address how to increase sever throughput using access control rules functions that are management separately from the server database using web service.