Database security
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Models and issues in data stream systems
Proceedings of the twenty-first ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Issues in data stream management
ACM SIGMOD Record
STREAM: the stanford stream data manager (demonstration description)
Proceedings of the 2003 ACM SIGMOD international conference on Management of data
Aurora: a new model and architecture for data stream management
The VLDB Journal — The International Journal on Very Large Data Bases
Enforcing access control over data streams
Proceedings of the 12th ACM symposium on Access control models and technologies
Access Control Labeling Scheme for Efficient Secure XML Query Processing
KES '08 Proceedings of the 12th international conference on Knowledge-Based Intelligent Information and Engineering Systems, Part II
Efficient Secure Labeling Method under Dynamic XML Data Streams
IWSEC '08 Proceedings of the 3rd International Workshop on Security: Advances in Information and Computer Security
A framework to enforce access control over data streams
ACM Transactions on Information and System Security (TISSEC)
Efficient access control labeling scheme for secure XML query processing
Computer Standards & Interfaces
City on the Sky: Extending XACML for Flexible, Secure Data Sharing on the Cloud
Journal of Grid Computing
Declarative secure distributed information systems
Computer Languages, Systems and Structures
Hi-index | 0.00 |
Many data stream processing systems are increasingly being used to support applications that handle sensitive information, such as credit card numbers and locations of soldiers in battleground [1,2,3,6]. These data have to be protected from unauthorized accesses. However, existing access control models and mechanisms cannot be adequately adopted on data streams. In this paper, we propose a novel access control model for data streams based on the Aurora data model [2]. Our access control model is role-based and has the following components. Objects to be protected are essentially views (or rather queries) over data streams. We also define two types of privileges - Read privilege for operations such as Filter, Map, BSort, and a set of aggregate privileges for operations such as Min, Max, Count, Avg and Sum. The model also allows the specification of temporal constraints either to limit access to data during a given time bound or to constraint aggregate operations over the data within a specified time window. In the paper, we present the access control model and its formal semantics.