Toward a multilevel secure relational data model
SIGMOD '91 Proceedings of the 1991 ACM SIGMOD international conference on Management of data
Optimization of real conjunctive queries
PODS '93 Proceedings of the twelfth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Database security
Panorama: a database system that annotates its answers to queries with their properties
Journal of Intelligent Information Systems
Characteristics of role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Rewriting aggregate queries using views
PODS '99 Proceedings of the eighteenth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Computing capabilities of mediators
SIGMOD '99 Proceedings of the 1999 ACM SIGMOD international conference on Management of data
Answering complex SQL queries using automatic summary tables
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
Efficient and extensible algorithms for multi query optimization
SIGMOD '00 Proceedings of the 2000 ACM SIGMOD international conference on Management of data
Protection in operating systems
Communications of the ACM
Optimizing queries using materialized views: a practical, scalable solution
SIGMOD '01 Proceedings of the 2001 ACM SIGMOD international conference on Management of data
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Flexible support for multiple access control policies
ACM Transactions on Database Systems (TODS)
Secure Databases: Constraints, Inference Channels, and Monitoring Disclosures
IEEE Transactions on Knowledge and Data Engineering
Proceedings of the Fifth International Conference on Data Engineering
Optimizing Queries with Materialized Views
ICDE '95 Proceedings of the Eleventh International Conference on Data Engineering
VLDB '98 Proceedings of the 24rd International Conference on Very Large Data Bases
Aggregate-Query Processing in Data Warehousing Environments
VLDB '95 Proceedings of the 21th International Conference on Very Large Data Bases
Answering Queries with Aggregation Using Views
VLDB '96 Proceedings of the 22th International Conference on Very Large Data Bases
Security Administration for Federations, Warehouses, and other Derived Data
Proceedings of the IFIP WG 11.3 Thirteenth International Conference on Database Security: Research Advances in Database and Information Systems Security
The Volcano Optimizer Generator: Extensibility and Efficient Search
Proceedings of the Ninth International Conference on Data Engineering
Answering queries using views: A survey
The VLDB Journal — The International Journal on Very Large Data Bases
The inference problem: a survey
ACM SIGKDD Explorations Newsletter
Recent advances in access control models
Das'01 Proceedings of the fifteenth annual working conference on Database and application security
QFilter: fine-grained run-time XML access control via NFA-based query rewriting
Proceedings of the thirteenth ACM international conference on Information and knowledge management
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
Safe query objects: statically typed objects as remotely executable queries
Proceedings of the 27th international conference on Software engineering
Query execution assurance for outsourced databases
VLDB '05 Proceedings of the 31st international conference on Very large data bases
Checking for k-anonymity violation by views
VLDB '05 Proceedings of the 31st international conference on Very large data bases
The secondary and approximate authorization model and its application to Bell-LaPadula policies
Proceedings of the eleventh ACM symposium on Access control models and technologies
Presto Authorization: A Bitmap Indexing Scheme for High-Speed Access Control to XML Documents
IEEE Transactions on Knowledge and Data Engineering
Dynamic authenticated index structures for outsourced databases
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Redundancy and information leakage in fine-grained access control
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Interactive query formulation over web service-accessed sources
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Rewriting nested XML queries using nested views
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Flooding and recycling authorizations
NSPW '05 Proceedings of the 2005 workshop on New security paradigms
Real-time data attack isolation for commercial database applications
Journal of Network and Computer Applications
Homeviews: peer-to-peer middleware for personal data sharing applications
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Flexible and efficient access control in oracle
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
CLIDE: interactive query formulation for service oriented architectures
Proceedings of the 2007 ACM SIGMOD international conference on Management of data
Distributed access control: a privacy-conscious approach
Proceedings of the 12th ACM symposium on Access control models and technologies
Exporting and interactively querying Web service-accessed sources: The CLIDE System
ACM Transactions on Database Systems (TODS)
Physical Access Control for Captured RFID Data
IEEE Pervasive Computing
Automaton segmentation: a new approach to preserve privacy in xml information brokering
Proceedings of the 14th ACM conference on Computer and communications security
On the correctness criteria of fine-grained access control in relational databases
VLDB '07 Proceedings of the 33rd international conference on Very large data bases
Composing and optimizing data providing web services
Proceedings of the 17th international conference on World Wide Web
Authorization recycling in RBAC systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Enabling policy-based access control in BI applications
Data & Knowledge Engineering
Dynamic Meta-level Access Control in SQL
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Query Rewriting for Access Control on Semantic Web
SDM '08 Proceedings of the 5th VLDB workshop on Secure Data Management
Access control over uncertain data
Proceedings of the VLDB Endowment
A formal framework for reflective database access control policies
Proceedings of the 15th ACM conference on Computer and communications security
Assessing query privileges via safe and efficient permission composition
Proceedings of the 15th ACM conference on Computer and communications security
Beyond User-to-User Access Control for Online Social Networks
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
KES '07 Knowledge-Based Intelligent Information and Engineering Systems and the XVII Italian Workshop on Neural Networks on Proceedings of the 11th International Conference
Querying data sources that export infinite sets of views
Proceedings of the 12th International Conference on Database Theory
Privacy policy enforcement for health information data access
Proceedings of the 1st ACM international workshop on Medical-grade wireless networks
Partially materialized digest scheme: an efficient verification method for outsourced databases
The VLDB Journal — The International Journal on Very Large Data Bases
Equivalence of nested queries with mixed semantics
Proceedings of the twenty-eighth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Cross-tier, label-based security enforcement for web applications
Proceedings of the 2009 ACM SIGMOD International Conference on Management of data
Fine-Grained Access Control with Object-Sensitive Roles
Genoa Proceedings of the 23rd European Conference on ECOOP 2009 --- Object-Oriented Programming
Approximate Rewriting of Queries Using Views
ADBIS '09 Proceedings of the 13th East European Conference on Advances in Databases and Information Systems
Collaborative management of web ontology data with flexible access control
Expert Systems with Applications: An International Journal
A cryptography index technology and method to measure information disclosure in the DAS model
WSEAS Transactions on Information Science and Applications
Telehealth/AT '08 Proceedings of the IASTED International Conference on Telehealth/Assistive Technologies
Composing data-providing web services in P2P-based collaboration environments
CAiSE'07 Proceedings of the 19th international conference on Advanced information systems engineering
Fine-grained access control for database management systems
BNCOD'07 Proceedings of the 24th British national conference on Databases
A framework to enforce access control over data streams
ACM Transactions on Information and System Security (TISSEC)
Statistics & clustering based framework for efficient XACML policy evaluation
POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
Nemesis: preventing authentication & access control vulnerabilities in web applications
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Conditional purpose based access control model for privacy protection
ADC '09 Proceedings of the Twentieth Australasian Conference on Australasian Database - Volume 92
Proceedings of the Fourteenth International Database Engineering & Applications Symposium
Towards a data-centric view of cloud security
CloudDB '10 Proceedings of the second international workshop on Cloud data management
fQuery: SPARQL query rewriting to enforce data confidentiality
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
A conditional purpose-based access control model with dynamic roles
Expert Systems with Applications: An International Journal
Inheriting access control rules from large relational databases to materialized views automatically
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part III
PolicyReplay: misconfiguration-response queries for data breach reporting
Proceedings of the VLDB Endowment
Static checking of dynamically-varying security policies in database-backed applications
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
MyABDAC: compiling XACML policies for attribute-based database access control
Proceedings of the first ACM conference on Data and application security and privacy
Authorization recycling in hierarchical RBAC systems
ACM Transactions on Information and System Security (TISSEC)
Rewriting queries on SPARQL views
Proceedings of the 20th international conference on World wide web
Access control to materialized views: an inference-based approach
Proceedings of the 2011 Joint EDBT/ICDT Ph.D. Workshop
Diesel: applying privilege separation to database access
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Access Control for Databases: Concepts and Systems
Foundations and Trends in Databases
Efficient auditing for complex SQL queries
Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Modularisation in maude of parametrized RBAC for row level access control
ADBIS'11 Proceedings of the 15th international conference on Advances in databases and information systems
CryptDB: protecting confidentiality with encrypted query processing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Proceedings of the VLDB Endowment
View-based query answering in Description Logics: Semantics and complexity
Journal of Computer and System Sciences
Privacy in GLAV information integration
ICDT'07 Proceedings of the 11th international conference on Database Theory
Protecting personal data with various granularities: a logic-based access control approach
CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II
The relationship between reasoning about privacy and default logics
LPAR'05 Proceedings of the 12th international conference on Logic for Programming, Artificial Intelligence, and Reasoning
Authorization-Transparent access control for XML under the non-truman model
EDBT'06 Proceedings of the 10th international conference on Advances in Database Technology
FGAC-QD: fine-grained access control model based on query decomposition strategy
TrustBus'06 Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business
Privacy in database publishing
ICDT'05 Proceedings of the 10th international conference on Database Theory
Authorization views and conditional query containment
ICDT'05 Proceedings of the 10th international conference on Database Theory
Risk-based security decisions under uncertainty
Proceedings of the second ACM conference on Data and Application Security and Privacy
SecDS: a secure EPC discovery service system in EPCglobal network
Proceedings of the second ACM conference on Data and Application Security and Privacy
Privacy-Preserving database systems
Foundations of Security Analysis and Design III
AccKW: an efficient access control scheme for keyword-based search over RDBMS
DNIS'10 Proceedings of the 6th international conference on Databases in Networked Information Systems
Towards an anti-inference (k, ℓ)-anonymity model with value association rules
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
Proceedings of the 17th ACM symposium on Access Control Models and Technologies
SecTTS: A secure track & trace system for RFID-enabled supply chains
Computers in Industry
A role-involved purpose-based access control model
Information Systems Frontiers
From MDM to DB2: a case study of security enforcement migration
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
BTA: architecture for reusable business tier components with access control
ICCSA'12 Proceedings of the 12th international conference on Computational Science and Its Applications - Volume Part III
Enforcing confidentiality in relational databases by reducing inference control to access control
ISC'07 Proceedings of the 10th international conference on Information Security
FENCE: continuous access control enforcement in dynamic data stream environments
Proceedings of the third ACM conference on Data and application security and privacy
Access Control on Semantic Web Data Using Query Rewriting
International Journal of Organizational and Collective Intelligence
Fine-grained disclosure control for app ecosystems
Proceedings of the 2013 ACM SIGMOD International Conference on Management of Data
Hi-index | 0.00 |
Current day database applications, with large numbers of users, require fine-grained access control mechanisms, at the level of individual tuples, not just entire relations/views, to control which parts of the data can be accessed by each user. Fine-grained access control is often enforced in the application code, which has numerous drawbacks; these can be avoided by specifying/enforcing access control at the database level. We present a novel fine-grained access control model based on authorization views that allows "authorization-transparent" querying; that is, user queries can be phrased in terms of the database relations, and are valid if they can be answered using only the information contained in these authorization views. We extend earlier work on authorization-transparent querying by introducing a new notion of validity, conditional validity. We give a powerful set of inference rules to check for query validity. We demonstrate the practicality of our techniques by describing how an existing query optimizer can be extended to perform access control checks by incorporating these inference rules.