Inheriting Access Control Rules from Large Relational Databases to Materialized Views Automatically

  • Alfredo Cuzzocrea
  • Mohand-Said Hacid
  • Nicola Grillo
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6278)

Abstract

A novel approach for automatically inheriting access control rules from large relational databases to materialized views defined on such databases is proposed in this paper, along with its main algorithm, VSP-Bucket. Our proposal introduces a number of research innovations, ranging from a novel Datalog-based syntax, and related semantics, for modeling and expressing access control rules over relational databases to algorithm VSP-Bucket itself, which is a meaningful adaptation of a well-known view-based query re-writing algorithm for database optimization purposes. A preliminary experimental evaluation and analysis of the performance of algorithm VSP-Bucket completes our foremost analytical contribution made in this research.

Keywords

Access Control, Relational Database, Query Optimization, Conjunctive Query, Query Response Time
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Alfredo Cuzzocrea (1)
  • Mohand-Said Hacid (2)
  • Nicola Grillo (3)

  1. ICAR-CNR and University of Calabria, Italy
  2. University Claude Bernard Lyon 1 and LIRIS, France
  3. DEIS Department, University of Calabria, Italy