On the correctness criteria of fine-grained access control in relational databases

Authors:
Qihua Wang;Ting Yu;Ninghui Li;Jorge Lobo;Elisa Bertino;Keith Irwin;Ji-Won Byun
Affiliations:
Purdue University;North Carolina State University;Purdue University;IBM Watson Research Center;Purdue University;North Carolina State University;Purdue University
Venue:
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Year:
2007

Citing 11
Cited 17

Incomplete Information in Relational Databases

Journal of the ACM (JACM)
Hilbert's tenth problem

Hilbert's tenth problem
A foundation of CODD's relational maybe-operations

ACM Transactions on Database Systems (TODS)
On semantic issues connected with incomplete information databases

ACM Transactions on Database Systems (TODS)
Extending the database relational model to capture more meaning

ACM Transactions on Database Systems (TODS)
Null values in data base management a denotational semantics approach

SIGMOD '79 Proceedings of the 1979 ACM SIGMOD international conference on Management of data
Access control in a relational data base management system by query modification

ACM '74 Proceedings of the 1974 annual conference - Volume 1
Extending query rewriting techniques for fine-grained access control

SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Understanding DB2 9 Security

Understanding DB2 9 Security
Hippocratic databases

VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Limiting disclosure in hippocratic databases

VLDB '04 Proceedings of the Thirtieth international conference on Very large data bases - Volume 30

Dynamic anonymization: accurate statistical analysis with privacy preservation

Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Dynamic Meta-level Access Control in SQL

Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Access control over uncertain data

Proceedings of the VLDB Endowment
Effectively and efficiently selecting access control rules on materialized views over relational databases

Proceedings of the Fourteenth International Database Engineering & Applications Symposium
fQuery: SPARQL query rewriting to enforce data confidentiality

DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Inheriting access control rules from large relational databases to materialized views automatically

KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part III
Cheetah: a high performance, custom data warehouse on top of MapReduce

Proceedings of the VLDB Endowment
Rewriting queries on SPARQL views

Proceedings of the 20th international conference on World wide web
Access control to materialized views: an inference-based approach

Proceedings of the 2011 Joint EDBT/ICDT Ph.D. Workshop
Access Control for Databases: Concepts and Systems

Foundations and Trends in Databases
GIS analysis of U.S. patent data: examining local innovation patterns

Proceedings of the 2nd International Conference on Computing for Geospatial Research & Applications
Query rewriting in spatial database for access control

Proceedings of the 2nd International Conference on Computing for Geospatial Research & Applications
An analytical solution for consent management in patient privacy preservation

Proceedings of the 2nd ACM SIGHIT International Health Informatics Symposium
SecDS: a secure EPC discovery service system in EPCglobal network

Proceedings of the second ACM conference on Data and Application Security and Privacy
Abstract interpretation of database query languages

Computer Languages, Systems and Structures
Auditing a database under retention policies

The VLDB Journal — The International Journal on Very Large Data Bases
Fine-grained privacy control for the RFID middleware of EPCglobal networks

Proceedings of the Fifth International Conference on Management of Emergent Digital EcoSystems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Databases are increasingly being used to store information covered by heterogeneous policies, which require support for access control with great flexibility. This has led to increasing interest in using fine-grained access control, where different cells in a relation may be governed by different access control rules. Although several proposals have been made to support fine-grained access control, there currently does not exist a formal notion of correctness regarding the query answering procedure. In this paper, we propose such a formal notion of correctness in fine-grained database access control, and discuss why existing approaches fall short in some circumstances. We then propose a labeling approach for masking unauthorized information and a query evaluation algorithm which better supports fine-grained access control. Finally, we implement our algorithm using query modification and evaluate its performance.