Incomplete Information in Relational Databases
Journal of the ACM (JACM)
Hilbert's tenth problem
A foundation of CODD's relational maybe-operations
ACM Transactions on Database Systems (TODS)
On semantic issues connected with incomplete information databases
ACM Transactions on Database Systems (TODS)
Extending the database relational model to capture more meaning
ACM Transactions on Database Systems (TODS)
Null values in data base management a denotational semantics approach
SIGMOD '79 Proceedings of the 1979 ACM SIGMOD international conference on Management of data
Access control in a relational data base management system by query modification
ACM '74 Proceedings of the 1974 annual conference - Volume 1
Extending query rewriting techniques for fine-grained access control
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Understanding DB2 9 Security
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Limiting disclosure in hippocratic databases
VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30
Dynamic anonymization: accurate statistical analysis with privacy preservation
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Dynamic Meta-level Access Control in SQL
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Access control over uncertain data
Proceedings of the VLDB Endowment
Proceedings of the Fourteenth International Database Engineering & Applications Symposium
fQuery: SPARQL query rewriting to enforce data confidentiality
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Inheriting access control rules from large relational databases to materialized views automatically
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part III
Cheetah: a high performance, custom data warehouse on top of MapReduce
Proceedings of the VLDB Endowment
Rewriting queries on SPARQL views
Proceedings of the 20th international conference on World wide web
Access control to materialized views: an inference-based approach
Proceedings of the 2011 Joint EDBT/ICDT Ph.D. Workshop
Access Control for Databases: Concepts and Systems
Foundations and Trends in Databases
GIS analysis of U.S. patent data: examining local innovation patterns
Proceedings of the 2nd International Conference on Computing for Geospatial Research & Applications
Query rewriting in spatial database for access control
Proceedings of the 2nd International Conference on Computing for Geospatial Research & Applications
An analytical solution for consent management in patient privacy preservation
Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
SecDS: a secure EPC discovery service system in EPCglobal network
Proceedings of the second ACM conference on Data and Application Security and Privacy
Abstract interpretation of database query languages
Computer Languages, Systems and Structures
Auditing a database under retention policies
The VLDB Journal — The International Journal on Very Large Data Bases
Fine-grained privacy control for the RFID middleware of EPCglobal networks
Proceedings of the Fifth International Conference on Management of Emergent Digital EcoSystems
Hi-index | 0.00 |
Databases are increasingly being used to store information covered by heterogeneous policies, which require support for access control with great flexibility. This has led to increasing interest in using fine-grained access control, where different cells in a relation may be governed by different access control rules. Although several proposals have been made to support fine-grained access control, there currently does not exist a formal notion of correctness regarding the query answering procedure. In this paper, we propose such a formal notion of correctness in fine-grained database access control, and discuss why existing approaches fall short in some circumstances. We then propose a labeling approach for masking unauthorized information and a query evaluation algorithm which better supports fine-grained access control. Finally, we implement our algorithm using query modification and evaluate its performance.