Enabling intensional access control via preference-aware query optimization

Authors:
Nicholas L. Farnan;Adam J. Lee;Panos K. Chrysanthis;Ting Yu
Affiliations:
University of Pittsburgh, Pittsburgh, PA, USA;University of Pittsburgh, Pittsburgh, PA, USA;University of Pittsburgh, Pittsburgh, PA, USA;North Carolina State University, Raleigh, NC, USA
Venue:
Proceedings of the 18th ACM symposium on Access control models and technologies
Year:
2013

Citing 2
Cited 0

Don't reveal my intension: protecting user privacy using declarative preferences during distributed query processing

ESORICS'11 Proceedings of the 16th European conference on Research in computer security
AstroShelf: understanding the universe through scalable navigation of a galaxy of annotations

SIGMOD '12 Proceedings of the 2012 ACM SIGMOD International Conference on Management of Data

Quantified Score

Hi-index	0.00

Visualization

Abstract

Although the declarative nature of SQL provides great utility to database users, its use in distributed database management systems can result in unintended consequences to user privacy over the course of query evaluation. By allowing users to merely say what data they are interested in accessing without providing guidance regarding how to retrieve it, query optimizers can generate plans that leak sensitive query intension. To address these types of issues, we have created a framework that empowers users with the ability to specify access controls on the intension of their queries through extensions to the SQL SELECT statement. In this demonstration, we present a version of PostgreSQL's query optimizer that we have modified to produce plans that respect these constraints while optimizing user-specified SQL queries in terms of performance.