Models and issues in data stream systems
Proceedings of the twenty-first ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Data stream management system for MavHome
Proceedings of the 2004 ACM symposium on Applied computing
The CQL continuous query language: semantic foundations and query execution
The VLDB Journal — The International Journal on Very Large Data Bases
Securing the Borealis Data Stream Engine
IDEAS '06 Proceedings of the 10th International Database Engineering and Applications Symposium
Enforcing access control over data streams
Proceedings of the 12th ACM symposium on Access control models and technologies
MavEStream: Synergistic Integration of Stream and Event Processing
ICDT '07 Proceedings of the Second International Conference on Digital Telecommunications
Monitoring streams: a new class of data management applications
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A Security Punctuation Framework for Enforcing Access Control on Streaming Data
ICDE '08 Proceedings of the 2008 IEEE 24th International Conference on Data Engineering
ACStream: Enforcing Access Control over Data Streams
ICDE '09 Proceedings of the 2009 IEEE International Conference on Data Engineering
Stream Data Processing: A Quality of Service Perspective Modeling, Scheduling, Load Shedding, and Complex Event Processing
StreamShield: a stream-centric approach towards security and privacy in data stream environments
Proceedings of the 2009 ACM SIGMOD International Conference on Management of data
The anatomy of a stream processing system
BNCOD'06 Proceedings of the 23rd British National Conference on Databases, conference on Flexible and Efficient Information Handling
Multilevel secure data stream processing
DBSec'11 Proceedings of the 25th annual IFIP WG 11.3 conference on Data and applications security and privacy
Information flow control for stream processing in clouds
Proceedings of the 18th ACM symposium on Access control models and technologies
Multilevel secure data stream processing: Architecture and implementation
Journal of Computer Security - DBSec 2011
| Hi-index | 0.02 |
Data stream management systems (DSMSs) are being used in diverse application domains (e.g., stock trading), however, the need for processing data securely is becoming critical to several stream applications (e.g., patient monitoring). In this paper, we introduce a novel three stage (preprocessing, query processing, and postprocessing) framework to enforce access control in DSMSs. As opposed to existing systems, our framework allows continuous queries to be shared when they have same or different privileges, does not modify the query plans, introduces no new security operators, and checks a tuple only once irrespective of the number of active continuous queries. In addition, it does not affect the DSMS quality of service improvement mechanisms as query plans are not modified. We discuss the prototype implementation using the MavStream Data Stream Management System. Finally, we discuss experimental evaluations to demonstrate the low overhead and feasibility of our approach.