diff --git a/dspace-xmlui/dspace-xmlui-api/src/main/java/org/dspace/app/xmlui/aspect/statistics/StatisticsAuthorizedMatcher.java b/dspace-xmlui/dspace-xmlui-api/src/main/java/org/dspace/app/xmlui/aspect/statistics/StatisticsAuthorizedMatcher.java
new file mode 100644
index 0000000000..7cf1077bf0
--- /dev/null
+++ b/dspace-xmlui/dspace-xmlui-api/src/main/java/org/dspace/app/xmlui/aspect/statistics/StatisticsAuthorizedMatcher.java
@@ -0,0 +1,128 @@
+/**
+ * $Id: $
+ * $URL: $
+ * *************************************************************************
+ * Copyright (c) 2002-2009, DuraSpace.  All rights reserved
+ * Licensed under the DuraSpace Foundation License.
+ *
+ * A copy of the DuraSpace License has been included in this
+ * distribution and is available at: http://scm.dspace.org/svn/repo/licenses/LICENSE.txt
+ */
+package org.dspace.app.xmlui.aspect.statistics;
+
+import org.apache.cocoon.matching.Matcher;
+import org.apache.cocoon.sitemap.PatternException;
+import org.apache.avalon.framework.parameters.Parameters;
+import org.apache.avalon.framework.logger.AbstractLogEnabled;
+import org.dspace.core.Context;
+import org.dspace.core.ConfigurationManager;
+import org.dspace.app.xmlui.utils.ContextUtil;
+import org.dspace.app.xmlui.utils.HandleUtil;
+import org.dspace.content.DSpaceObject;
+import org.dspace.content.Community;
+import org.dspace.content.Collection;
+import org.dspace.content.Item;
+import org.dspace.authorize.AuthorizeManager;
+
+import java.util.Map;
+import java.util.HashMap;
+import java.sql.SQLException;
+
+/**
+ * User: @author kevinvandevelde (kevin at atmire.com)
+ * Date: 19-nov-2009
+ * Time: 17:19:56
+ */
+public class StatisticsAuthorizedMatcher extends AbstractLogEnabled implements Matcher{
+
+
+    public Map match(String pattern, Map objectModel, Parameters parameters) throws PatternException {
+        // Are we checking for *NOT* the action or the action.
+        boolean not = false;
+        int action = -1; // the action to check
+
+        if (pattern.startsWith("!"))
+        {
+            not = true;
+            pattern = pattern.substring(1);
+        }
+
+        if(!pattern.equals("READ"))
+        {
+            getLogger().warn("Invalid action: '"+pattern+"'");
+            return null;
+        }
+
+        try
+        {
+            Context context = ContextUtil.obtainContext(objectModel);
+            DSpaceObject dso = HandleUtil.obtainHandle(objectModel);
+
+            if (dso == null)
+            	return null;
+
+            boolean authorized = AuthorizeManager.authorizeActionBoolean(context, dso, action, false);
+            //If we are not authorized check for any other authorizations present
+            if(!authorized && context.getCurrentUser() != null
+                    && ConfigurationManager.getBooleanProperty("statistics.item.authorization.admin"))
+            {
+                //Check for admin
+                authorized = AuthorizeManager.isAdmin(context);
+                if(!authorized)
+                    //Check if we have authorization for the owning colls, comms, ...
+                    authorized = checkParentAuthorization(context, dso);
+            }
+
+            // XOR
+            if (not ^ authorized)
+            {
+            	return new HashMap();
+            }
+            else
+            {
+                return null;
+            }
+
+
+        }
+        catch (SQLException sqle)
+        {
+            throw new PatternException("Unable to obtain DSpace Context", sqle);
+        }
+    }
+
+    public static boolean checkParentAuthorization(Context context, DSpaceObject dso) throws SQLException {
+        if(dso instanceof Community)
+        {
+            Community comm = (Community) dso;
+            if(AuthorizeManager.isAdmin(context, comm))
+                return true;
+            else if(comm.getParentCommunity() != null)
+                return checkParentAuthorization(context, comm);
+        }else
+        if(dso instanceof Collection)
+        {
+            Collection coll = (Collection) dso;
+            if(AuthorizeManager.isAdmin(context, coll))
+                return true;
+            else{
+                //Check if any of our parent communities has authorization
+                for (int i = 0; i < coll.getCommunities().length; i++) {
+                    Community community = coll.getCommunities()[i];
+                    boolean authorized = checkParentAuthorization(context, community);
+                    if(authorized)
+                        return true;
+                }
+            }
+        }else
+        if(dso instanceof Item){
+            //Check if we have read rights for our owning collections
+            for(Collection coll : ((Item) dso).getCollections()){
+                boolean authorized = checkParentAuthorization(context, coll);
+                if(authorized)
+                    return true;
+            }
+        }
+        return false;
+    }
+}
diff --git a/dspace-xmlui/dspace-xmlui-api/src/main/java/org/dspace/app/xmlui/aspect/statistics/StatisticsTransformer.java b/dspace-xmlui/dspace-xmlui-api/src/main/java/org/dspace/app/xmlui/aspect/statistics/StatisticsTransformer.java
index 85b57918ed..54e4cb4dbc 100644
--- a/dspace-xmlui/dspace-xmlui-api/src/main/java/org/dspace/app/xmlui/aspect/statistics/StatisticsTransformer.java
+++ b/dspace-xmlui/dspace-xmlui-api/src/main/java/org/dspace/app/xmlui/aspect/statistics/StatisticsTransformer.java
@@ -48,10 +48,8 @@ public class StatisticsTransformer extends AbstractDSpaceTransformer {
      * Add a page title and trail links
      */
     public void addPageMeta(PageMeta pageMeta) throws SAXException, WingException, UIException, SQLException, IOException, AuthorizeException {
-        String handle = parameters.getParameter("handle", null);
-        DSpaceObject dso = null;
-        if(handle != null)
-            dso = HandleManager.resolveToObject(context, handle);
+        //Try to find our dspace object
+        DSpaceObject dso = HandleUtil.obtainHandle(objectModel);
 
         pageMeta.addTrailLink(contextPath + "/",T_dspace_home);
 
@@ -70,10 +68,7 @@ public class StatisticsTransformer extends AbstractDSpaceTransformer {
 			UIException, SQLException, IOException, AuthorizeException {
 
         //Try to find our dspace object
-        String handle = parameters.getParameter("handle", null);
-        DSpaceObject dso = null;
-        if(handle != null)
-            dso = HandleManager.resolveToObject(context, handle);
+        DSpaceObject dso = HandleUtil.obtainHandle(objectModel);
 
 		try
 		{
diff --git a/dspace-xmlui/dspace-xmlui-api/src/main/resources/aspects/Statistics/sitemap.xmap b/dspace-xmlui/dspace-xmlui-api/src/main/resources/aspects/Statistics/sitemap.xmap
index 559c9abd16..b7528d45f3 100644
--- a/dspace-xmlui/dspace-xmlui-api/src/main/resources/aspects/Statistics/sitemap.xmap
+++ b/dspace-xmlui/dspace-xmlui-api/src/main/resources/aspects/Statistics/sitemap.xmap
@@ -16,11 +16,15 @@
 		<map:transformers>
 			<map:transformer name="StatisticsTransformer" src="org.dspace.app.xmlui.aspect.statistics.StatisticsTransformer"/>
 			<map:transformer name="Navigation" src="org.dspace.app.xmlui.aspect.statistics.Navigation"/>
+            <map:transformer name="RestrictedItem" src="org.dspace.app.xmlui.aspect.artifactbrowser.RestrictedItem"/>
         </map:transformers>
 		<map:matchers default="wildcard">
 			<map:matcher name="HandleTypeMatcher" src="org.dspace.app.xmlui.aspect.general.HandleTypeMatcher"/>
-			<map:matcher name="HandleAuthorizedMatcher" src="org.dspace.app.xmlui.aspect.general.HandleAuthorizedMatcher"/>
+			<map:matcher name="StatisticsAuthorizedMatcher" src="org.dspace.app.xmlui.aspect.statistics.StatisticsAuthorizedMatcher"/>
 		</map:matchers>
+        <map:selectors>
+            <map:selector name="AuthenticatedSelector" src="org.dspace.app.xmlui.aspect.general.AuthenticatedSelector"/>
+        </map:selectors>
 	</map:components>
     
 	<map:pipelines>
@@ -32,10 +36,25 @@
 
             <!--Match our statistics-->
             <map:match pattern="handle/*/*/statistics">
-                <map:transform type="StatisticsTransformer">
-                    <!--Pass along our handle-->
-                    <map:parameter name="handle" value="{1}/{2}" />       
-                </map:transform>
+                <map:match type="StatisticsAuthorizedMatcher" pattern="READ">
+                    <map:transform type="StatisticsTransformer"/>
+                </map:match>
+            </map:match>
+
+            <map:match type="StatisticsAuthorizedMatcher" pattern="!READ">
+                <map:select type="AuthenticatedSelector">
+                        <map:when test="eperson">
+                                <map:transform type="RestrictedItem"/>
+                                <map:serialize/>
+                        </map:when>
+                        <map:otherwise>
+                                <map:act type="StartAuthentication">
+                                        <map:parameter name="header" value="xmlui.ArtifactBrowser.RestrictedItem.auth_header"/>
+                                        <map:parameter name="message" value="xmlui.ArtifactBrowser.RestrictedItem.auth_message"/>
+                                </map:act>
+                                <map:serialize/>
+                        </map:otherwise>
+                </map:select>
             </map:match>
 
             <map:match pattern="">
diff --git a/dspace/config/dspace.cfg b/dspace/config/dspace.cfg
index 135bb71c70..9a04d67587 100644
--- a/dspace/config/dspace.cfg
+++ b/dspace/config/dspace.cfg
@@ -1903,6 +1903,8 @@ statistics.items.type.1=dcinput
 statistics.items.type.2=date
 statistics.default.start.datepick = 01/01/1977
 
+statistics.item.authorization.admin=true
+
 #####  Authority Control Settings  #####
 
 #plugin.named.org.dspace.content.authority.ChoiceAuthority = \