Chapter

Secure Cloud Computing

pp 149-169

Date:

Enabling Collaborative Data Authorization Between Enterprise Clouds

  • Meixing LeAffiliated withCenter for Secure Information Systems, George Mason University Email author 
  • , Krishna KantAffiliated withCenter for Secure Information Systems, George Mason University
  • , Sushil JajodiaAffiliated withCenter for Secure Information Systems, George Mason University

* Final gross prices may vary according to local VAT.

Get Access

Abstract

We consider a collaborative enterprise computing environment where a group of enterprises or parties maintain their own relational databases to which they allow restricted access to other parties. The access is regulated by means of a set of authorization rules that may be defined using relational calculus, including joins over relations from multiple parties. In this chapter, we provide an overview of the issues that arise in such an environment and some solutions. In particular, since individual parties are likely to formulate the rules in a somewhat piecemeal manner, the rules may be mutually inconsistent or inadequate to answer the desired queries. We address the issues of detecting inconsistencies and methods for fixing them. We also discuss the question of enforceability (or adequacy) of the rules. When rules, as given, are not enforceable, we can either augment the access rights or employ trusted third parties to perform unenforceable operations. We also address the issue of handling dynamic changes to rules. Finally, we consider the problem of generating efficient query plans in this environment.