Access Control for Weakly Consistent Replicated Information Systems

  • Mathias WeberEmail author
  • Annette Bieniusa
  • Arnd Poetzsch-Heffter
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9871)


Access control is an important aspect of information systems. It manages and enforces the rules that govern the access of users and applications to the data. In general, both data objects and access rules are subject to change over time, e.g., one might withdraw the right of a user to access a certain data object.

In this paper, we present a new access control model for weakly consistent replicated information systems. Such systems are engineered to be partition-tolerant and higher available than strongly consistent systems – an important aspect in a networked world with mobile devices. In particular, they allow concurrent updates to different replicas and do not enforce serializability of operations. However, this relaxation of consistency threatens access control. If we withdraw the right of a user to access data object o at one replica and then modify o, the user should not be able to see this modification by accessing o on a second replica (information leakage).

Our access control model targets eventually consistent data stores. It avoids information leakage and unauthorized modifications. Furthermore, it guarantees that modifications to the access rules initiated on different replicas eventually converge. Our model allows in particular to implement access-matrix based models such as the read-write-own model employed in file systems. In this paper, we define the model in an abstract way, explain its correctness properties, and describe how it can be efficiently implemented in state-of-the-art weakly consistent data stores.


  1. 1.
    Couchbase, December 2015.
  2. 2.
    MongoDB for GIANT Ideas \(|\) MongoDB, December 2015.
  3. 3.
    Riak KV December 2015.
  4. 4.
    Almeida, P.S., Baquero, C., Gonçalves, R., Preguiça, N., Fonte, V.: Scalable and accurate causality tracking for eventually consistent stores. In: Magoutis, K., Pietzuch, P. (eds.) DAIS 2014. LNCS, vol. 8460, pp. 67–81. Springer, Heidelberg (2014). doi: 10.1007/978-3-662-43352-2_6 CrossRefGoogle Scholar
  5. 5.
    Brewer, E.A.: Towards robust distributed systems (abstract). In: Proceedings of the Nineteenth Annual ACM Symposium on Principles of Distributed Computing, p. 7. PODC 2000, NY, USA. ACM, New York (2000)Google Scholar
  6. 6.
    Burckhardt, S., Gotsman, A., Yang, H., Zawirski, M.: Replicated data types: Specification, verification, optimality. In: Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pp. 271–284. POPL 2014, NY, USA. ACM, New York (2014)Google Scholar
  7. 7.
    DeCandia, G., Hastorun, D., Jampani, M., Kakulapati, G., Lakshman, A., Pilchin, A., Sivasubramanian, S., Vosshall, P., Vogels, W.: Dynamo: Amazon’s highly available key-value store. In: Proceedings of Twenty-first ACM SIGOPS Symposium on Operating Systems Principles, pp. 205–220. SOSP ’07, NY, USA. ACM, New York (2007)Google Scholar
  8. 8.
    Ferraiolo, D., Kuhn, R.: Role-based access control. In: 15th NIST-NCSC National Computer Security Conference, pp. 554–563 (1992)Google Scholar
  9. 9.
    Gilbert, S., Lynch, N.: Brewer’s conjecture and the feasibility of consistent, available, partition-tolerant web services. SIGACT News 33(2), 51–59 (2002)CrossRefGoogle Scholar
  10. 10.
    Gonçalves, R., Almeida, P.S., Baquero, C., Fonte, V.: Concise server-wide causality management for eventually consistent data stores. In: Bessani, A., Bouchenak, S. (eds.) DAIS 2015. LNCS, vol. 9038, pp. 66–79. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-19129-4_6 Google Scholar
  11. 11.
    Imine, A., Cherif, A., Rusinowitch, M.: A flexible access control model for distributed collaborative editors. In: Jonker, W., Petković, M. (eds.) SDM 2009. LNCS, vol. 5776, pp. 89–106. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-04219-5_6 CrossRefGoogle Scholar
  12. 12.
    Jin, X., Krishnan, R., Sandhu, R.: A unified attribute-based access control model covering DAC, MAC and RBAC. In: Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (eds.) DBSec 2012. LNCS, vol. 7371, pp. 41–55. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-31540-4_4 CrossRefGoogle Scholar
  13. 13.
    Jin, X., Sandhu, R., Krishnan, R.: RABAC: role-centric attribute-based access control. In: Kotenko, I., Skormin, V. (eds.) MMM-ACNS 2012. LNCS, vol. 7531, pp. 84–96. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-33704-8_8 CrossRefGoogle Scholar
  14. 14.
    Lloyd, W., Freedman, M.J., Kaminsky, M., Andersen, D.G.: Don’t settle for eventual: scalable causal consistency for wide-area storage with COPS. In: Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, pp. 401–416. SOSP 2011, NY, USA. ACM, New York (2011)Google Scholar
  15. 15.
    Samarati, P., Ammann, P., Jajodia, S.: Maintaining replicated authorizations in distributed database systems. Data Knowl. Eng. 18(1), 55–84 (1996)CrossRefzbMATHGoogle Scholar
  16. 16.
    Samarati, P., de Vimercati, S.C.: Access control: policies, models, and mechanisms. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 137–196. Springer, Heidelberg (2001). doi: 10.1007/3-540-45608-2_3 CrossRefGoogle Scholar
  17. 17.
    Saunders, G., Hitchens, M., Varadharajan, V.: An analysis of access control models. In: Pieprzyk, J., Safavi-Naini, R., Seberry, J. (eds.) ACISP 1999. LNCS, vol. 1587, pp. 281–293. Springer, Heidelberg (1999). doi: 10.1007/3-540-48970-3_23 CrossRefGoogle Scholar
  18. 18.
    Shapiro, M., Preguiça, N., Baquero, C., Zawirski, M.: Conflict-free replicated data types. In: Défago, X., Petit, F., Villain, V. (eds.) SSS 2011. LNCS, vol. 6976, pp. 386–400. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-24550-3_29 CrossRefGoogle Scholar
  19. 19.
    Shapiro, M., Preguiça, N.M., Baquero, C., Zawirski, M.: Convergent and commutative replicated data types. Bull. EATCS 104, 67–88 (2011b)MathSciNetzbMATHGoogle Scholar
  20. 20.
    SyncFree: Antidote reference platform(2016).
  21. 21.
    Wobber, T., Rodeheffer, T.L., Terry, D.B.: Policy-based access control for weakly consistent replication. In: Proceedings of the 5th European Conference on Computer Systems, pp. 293–306. EuroSys 2010, NY, USA. ACM, New York (2010)Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Mathias Weber
    • 1
    Email author
  • Annette Bieniusa
    • 1
  • Arnd Poetzsch-Heffter
    • 1
  1. 1.University of KaiserslauternKaiserslauternGermany

Personalised recommendations