Extensible Markup Language (XML) is a standard data type, which defines a set of rules for encoding documents. Recently, the application field of XML has been expanded. Furthermore, various XML security technologies for secure data exchange have been proposed. XML documents have a hierarchical structure that is composed of a root element (i.e., the ancestors of all elements) and it’s sub elements (i.e., text and attributes).
One of the authorization methods for the XML document is a implicit authorization. The implicit authorization assigns a same privilege to sub elements as its parent’s privilege. However it is not efficient to check the privilege conflict between the implicit privilege granted from the parent element and the explicit privilege assigned to sub elements.
In this paper, in order to overcome the inefficient problem in implicit authorization, we propose a novel authorization method using the predictable flag. The predictable flag is a special type of privilege given to the ancestors of an element that has explicit privilege. By using predictable flag, we can detect the privilege conflict efficiently. The proposed implicit authorization method using the predictable flag check the privilege conflict based on four types of possible conflicts (i.e., predictable flag and predictable flag, predictable flag and explicit privilege, explicit privilege and predictable flag, explicit privilege and explicit privilege) between the existing privileges on parent’s element and the newly assigned privileges on sub element.
In addition, in order to show efficient of the proposed method, we presented the comparison analysis between the existing method and the proposed using the number of conflict inspection and storage overhead.