A Proof Procedure for Data Dependencies
Journal of the ACM (JACM)
Query optimization in the presence of limited access patterns
SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
The theory of joins in relational databases
ACM Transactions on Database Systems (TODS)
Foundations of Databases: The Logical Level
Foundations of Databases: The Logical Level
Testing implications of data dependencies
SIGMOD '79 Proceedings of the 1979 ACM SIGMOD international conference on Management of data
Proceedings of the Fifth International Conference on Data Engineering
Administering permissions for distributed data: factoring and automated inference
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
Computing complete answers to queries in the presence of limited access patterns
The VLDB Journal — The International Journal on Very Large Data Bases
Extending query rewriting techniques for fine-grained access control
SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Computing cores for data exchange: new algorithms and practical solutions
Proceedings of the twenty-fourth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Data exchange: computing cores in polynomial time
Proceedings of the twenty-fifth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Controlled Information Sharing in Collaborative Distributed Query Processing
ICDCS '08 Proceedings of the 2008 The 28th International Conference on Distributed Computing Systems
Querying Data under Access Limitations
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
Privacy in GLAV information integration
ICDT'07 Proceedings of the 11th international conference on Database Theory
Rewriting queries using views with access patterns under integrity constraints
ICDT'05 Proceedings of the 10th international conference on Database Theory
Cooperative data access in multi-cloud environments
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Hi-index | 0.00 |
We propose an approach for the selective enforcement of access control restrictions in, possibly distributed, large data collections based on two basic concepts: i) flexible authorizations identify, in a declarative way, the data that can be released, and ii) queries are checked for execution not with respect to individual authorizations but rather evaluating whether the information release they (directly or indirectly) entail is allowed by the authorizations. Our solution is based on the definition of query profiles capturing the information content of a query and builds on a graph-based modeling of database schema, authorizations, and queries. Access control is then effectively modeled and efficiently executed in terms of graph coloring and composition and on traversal of graph paths. We then provide a polynomial composition algorithm for determining if a query is authorized.