A Data Rights Control Model for a SaaS Application Delivery Platform

  • Jinchai Li
  • Shidong Zhang
  • Zhengzheng Liu
  • Lanju Kong
Conference paper
Part of the Advances in Intelligent and Soft Computing book series (AINSC, volume 146)


Data customization of SaaS application gives tenants the abilities not only to add custom fields for existing tables but also to configure the users’ data rights. However, during the development of applications, ISV has no custom fields information or users’ data rights information. So it is difficult for ISV to control users’ data rights in the application level. This paper proposes a flexible approach which is providing data rights configuration and access control in a SaaS delivery platform. Our approaches can be summarized as follows. First, we build a data rights model. Second, we do data access control by capturing the query requests and add to it the data rights control information based on our data rights model. We conduct experiments on a SaaS application delivery platform, and the results demonstrate that the execution overhead of our data access control scheme is very small.


SaaS data rights access control query rewriting 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Wei-Tek, T., Qihong, S., Yu, H., Xiaoying, B.: Towards a Scalable and Robust Multi-tenancy SaaS. In: 2nd Asia-Pacific Symposium on Internetware, pp. 37–65 (2010)Google Scholar
  2. 2.
    Nitu: Configurability in SaaS(software as a service) applications. In: 2nd India Software Engineering Conference, pp. 19–26 (2009)Google Scholar
  3. 3.
    Sunqioo, K., Sungwon, K., Sunqin, H.: A Design of the Conceptual Architecture for a Multitenant SaaS Application Platform. In: 1st ACIS/JNU International Conference on Computers, Networks, Systems, and Industrial Engineering, pp. 462–467 (2011)Google Scholar
  4. 4.
    Michael, S., Eugene, W.: Access control in a relational data base management system by query modification. In: Proceedings of the 1974 Annual Conference, pp. 180–186 (1974)Google Scholar
  5. 5.
    Chu, E., Beckmann, J., Naughton, J.: The Case for a Wide-Table Approach to Manage Sparse Relational Data Sets. In: SIGMOD, pp. 821–832 (2007)Google Scholar
  6. 6.
    Craig, D.W., Steve, B.: The Design of the Multitenant Internet Application Development Platform. In: SIGMOD, pp. 889–896 (2009)Google Scholar
  7. 7.
    Ferraiolo, D.F., Kuhn, D.R.: Role Based Access Controls. In: 15th National Computer Security Conference, pp. 554–563 (1992)Google Scholar

Copyright information

© Springer-Verlag GmbH Berlin Heidelberg 2012

Authors and Affiliations

  • Jinchai Li
    • 1
  • Shidong Zhang
    • 1
  • Zhengzheng Liu
    • 2
  • Lanju Kong
    • 1
  1. 1.School of Computer Science and TechnologyShandong UniversityJinanChina
  2. 2.Shandong Dareway Computer Software Co., Ltd.JinanChina

Personalised recommendations