Abstract
In this paper, we discuss the problem of enabling cooperative query execution in a multi-cloud environment where the data is owned and managed by multiple enterprises. We assume that each enterprise defines a set of allow rules to facilitate access to its data, which is assumed to be stored as relational tables. We propose an efficient algorithm using join properties to decide whether a given query will be allowed. We also allow enterprises to explicitly forbid access to certain data via deny rules and propose an efficient algorithm to check for conflicts between allow and deny rules.
Keywords
This material is based upon work supported by the National Science Foundation under grants CCF-1037987 and CT-20013A. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the sponsoring organizations.
Download to read the full chapter text
Chapter PDF
Similar content being viewed by others
References
De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Controlled Information Sharing in Collaborative Distributed Query Processing. In: Proc. of ICDCS 2008, Beijing, China (June 2008)
De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Assessing query privileges via safe and efficient permission composition. In: Proc. of ACM Conference on Computer and Communications Security 2008, Alexandria, VA, U.S.A. (October 2008)
Aggarwal, G., Bawa, M., Ganesan, P., Garcia-Molina, H., Kenthapadi, K., Motwani, R., Srivastava, U., Thomas, D., Xu, Y.: Two can keep a secret: A distributed architecture for secure database services. In: Proc. of CIDR 2005, Asilomar, CA, USA (January 2005)
Ciriani, V., De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Keep a few: Outsourcing data while maintaining confidentiality. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 440–455. Springer, Heidelberg (2009)
Kossmann, D.: The state of the art in distributed query processing. ACM CSUR 32(4), 422–469 (2000)
Gouda, M., Liu, A.: Firewall Design: Consistency, Completeness, and Compactness. In: Proc. of ICDCS 2004, Tokyo, Japan (2004)
Sion, R.: Query execution assurance for outsourced databases. In: Proc. of VLDB 2005, Trondheim, Norway (2005)
Bernstein, P., Goodman, N., Wong, E., Reeve, C., Rothnie, J.J.B.: Query processing in a system for distributed databases (SDD-1). ACM TODS 6(4), 602–625 (1981)
Cali, A., Martinenghi, D.: Querying data under access limitations. In: Proc. of ICDE 2008, Cancun (April 2008)
Common Information Model, http://dmtf.org/standards/cim
Agrawal, R., Asonov, D., Kantarcioglu, M., Li, Y.: Sovereign joins. In: Proc. of ICDE 2006, Atlanta (April 2006)
Florescu, D., Levy, A.Y., Manolescu, I., Suciu, D.: Query optimization in the presence of limited access patterns. In: Proc. of SIGMOD 1999, Philadelphia, PA (June 1999)
Aho, A.V., Beeri, C., Ullman, J.D.: The theory of joins in relational databases. ACM TODS 4(3), 297–314 (1979)
Li, C.: Computing complete answers to queries in the presence of limited access patterns. VLDB Journal 12(3) (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Le, M., Kant, K., Jajodia, S. (2011). Cooperative Data Access in Multi-cloud Environments. In: Li, Y. (eds) Data and Applications Security and Privacy XXV. DBSec 2011. Lecture Notes in Computer Science, vol 6818. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-22348-8_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-22348-8_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-22347-1
Online ISBN: 978-3-642-22348-8
eBook Packages: Computer ScienceComputer Science (R0)