Skip to main content
SpringerLink
Log in

AccKW: An Efficient Access Control Scheme for Keyword-Based Search over RDBMS

  • Conference paper
Databases in Networked Information Systems (DNIS 2010)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 5999))

Included in the following conference series:

  • 941 Accesses

Abstract

Access control for relational databases is a well researched area. An SQL query is allowed or denied access to database according to the specified access control policy. On the other side, there has been a surge in research activities to provide keywords-based search interface over RDBMS. This has posed new challenges for access control enforcement as traditional solutions to access control will not be efficient for keyword-based search. This paper proposes a framework AccKW, which enforces access control policies on keyword-based search over RDBMS in the early phases of keywords based search process. The main contributions of this paper are twofold: (i) we have investigated the problem of access control in the domain of keyword-based search over relational databases, and (ii) we have implemented the framework AccKW, and found out that AccKW outperforms in terms of execution time as compared to the naive approach (brute force approach) in case of strict access control policy.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Agrawal, S., Chaudhuri, S., Das, G.: Dbxplorer: A system for keyword-based search over relational databases. In: ICDE 2002: Proceedings of the 18th International Conference on Data Engineering, Washington, DC, USA, p. 5. IEEE Computer Society, Los Alamitos (2002)

    Chapter  Google Scholar 

  2. Aditya, B., Bhalotia, G., Chakrabarti, S., Hulgeri, A., Nakhe, C., Parag, P., Sudarshan, S.: Banks: browsing and keyword searching in relational databases. In: VLDB 2002: Proceedings of the 28th international conference on Very Large Data Bases, VLDB Endowment, pp. 1083–1086 (2002)

    Google Scholar 

  3. Hristidis, V., Papakonstantinou, Y.: Discover: keyword search in relational databases. In: VLDB 2002: Proceedings of the 28th international conference on Very Large Data Bases, VLDB Endowment, pp. 670–681 (2002)

    Google Scholar 

  4. Hulgeri, A., Nakhe, C.: Keyword searching and browsing in databases using banks. In: ICDE 2002: Proceedings of the 18th International Conference on Data Engineering, Washington, DC, USA, p. 431. IEEE Computer Society, Los Alamitos (2002)

    Google Scholar 

  5. Kacholia, V., Pandit, S., Chakrabarti, S., Sudarshan, S., Desai, R., Karambelkar, H.: Bidirectional expansion for keyword search on graph databases. In: VLDB 2005: Proceedings of the 31st international conference on Very large data bases, VLDB Endowment, pp. 505–516 (2005)

    Google Scholar 

  6. Koutrika, G., Simitsis, A., Ioannidis, Y.: Précis: The essence of a query answer. In: International Conference on Data Engineering, vol. 0, p. 69 (2006)

    Google Scholar 

  7. Simitsis, A., Koutrika, G., Ioannidis, Y.: Précis: from unstructured keywords as queries to structured databases as answers. The VLDB Journal 17(1), 117–149 (2008)

    Article  Google Scholar 

  8. Rizvi, S., Mendelzon, A., Sudarshan, S., Roy, P.: Extending query rewriting techniques for fine-grained access control. In: SIGMOD 2004: Proceedings of the 2004 ACM SIGMOD international conference on Management of data, pp. 551–562. ACM, New York (2004)

    Chapter  Google Scholar 

  9. Murthy, R., Sedlar, E.: Flexible and efficient access control in oracle. In: SIGMOD 2007: Proceedings of the 2007 ACM SIGMOD international conference on Management of data, pp. 973–980. ACM, New York (2007)

    Chapter  Google Scholar 

  10. Olson, L.E., Gunter, C.A., Madhusudan, P.: A formal framework for reflective database access control policies. In: CCS 2008: Proceedings of the 15th ACMconference on Computer and communications security, pp. 289–298. ACM, New York (2008)

    Chapter  Google Scholar 

  11. Shin, H., Atluri, V.: Spatiotemporal access control enforcement under uncertain location estimates. In: Gudes, E., Vaidya, J. (eds.) Data and Applications Security XXIII. LNCS, vol. 5645, pp. 159–174. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  12. Chaudhuri, S., Dutta, T., Sudarshan, S.: Fine grained authorization through predicated grants. In: ICDE 2007: Proceedings of the 23rd International Conference on Data Engineering, Istanbul, Turkey, pp. 1174–1183. IEEE, Los Alamitos (2007)

    Chapter  Google Scholar 

  13. Agrawal, R., Bird, P., Grandison, T., Kiernan, J., Logan, S., Rjaibi, W.: Extending relational database systems to automatically enforce privacy policies. In: ICDE 2005: Proceedings of the 21st International Conference on Data Engineering, Washington, DC, USA, pp. 1013–1022. IEEE Computer Society, Los Alamitos (2005)

    Google Scholar 

  14. Kabra, G., Ramamurthy, R., Sudarshan, S.: Redundancy and information leakage in finegrained access control. In: SIGMOD 2006: Proceedings of the 2006 ACM SIGMOD international conference on Management of data, pp. 133–144. ACM, New York (2006)

    Chapter  Google Scholar 

  15. Lefevre, K., Agrawal, R., Ercegovac, V., Ramakrishnan, R., Xu, Y., DeWitt, D.: Limiting disclosure in hippocratic databases. In: VLDB, pp. 108–119 (2004)

    Google Scholar 

  16. TPC-H decision support benchmark (Transaction Processing Council), http://www.tpc.org/

  17. MySQL Database, http://www.mysql.com/

Download references

Author information

Authors and Affiliations

  1. Indraprastha Institute of Information Technology Delhi, New Delhi, India

    Vikram Goyal, Ashish Sureka & Sangeeta Lal

Authors
  1. Vikram Goyal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ashish Sureka
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sangeeta Lal
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Graduate Department of Computer and Information Systems, University of Aizu, Ikki Machi, Aizu-Wakamatsu, 965-8580, Fukushima, Japan

    Shinji Kikuchi , Shelly Sachdeva  & Subhash Bhalla ,  & 

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Goyal, V., Sureka, A., Lal, S. (2010). AccKW: An Efficient Access Control Scheme for Keyword-Based Search over RDBMS. In: Kikuchi, S., Sachdeva, S., Bhalla, S. (eds) Databases in Networked Information Systems. DNIS 2010. Lecture Notes in Computer Science, vol 5999. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12038-1_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-12038-1_8

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-12037-4

  • Online ISBN: 978-3-642-12038-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation