A Data Rights Control Model for a SaaS Application Delivery Platform
Data customization of SaaS application gives tenants the abilities not only to add custom fields for existing tables but also to configure the users’ data rights. However, during the development of applications, ISV has no custom fields information or users’ data rights information. So it is difficult for ISV to control users’ data rights in the application level. This paper proposes a flexible approach which is providing data rights configuration and access control in a SaaS delivery platform. Our approaches can be summarized as follows. First, we build a data rights model. Second, we do data access control by capturing the query requests and add to it the data rights control information based on our data rights model. We conduct experiments on a SaaS application delivery platform, and the results demonstrate that the execution overhead of our data access control scheme is very small.
KeywordsSaaS data rights access control query rewriting
Unable to display preview. Download preview PDF.
- 1.Wei-Tek, T., Qihong, S., Yu, H., Xiaoying, B.: Towards a Scalable and Robust Multi-tenancy SaaS. In: 2nd Asia-Pacific Symposium on Internetware, pp. 37–65 (2010)Google Scholar
- 2.Nitu: Configurability in SaaS(software as a service) applications. In: 2nd India Software Engineering Conference, pp. 19–26 (2009)Google Scholar
- 3.Sunqioo, K., Sungwon, K., Sunqin, H.: A Design of the Conceptual Architecture for a Multitenant SaaS Application Platform. In: 1st ACIS/JNU International Conference on Computers, Networks, Systems, and Industrial Engineering, pp. 462–467 (2011)Google Scholar
- 4.Michael, S., Eugene, W.: Access control in a relational data base management system by query modification. In: Proceedings of the 1974 Annual Conference, pp. 180–186 (1974)Google Scholar
- 5.Chu, E., Beckmann, J., Naughton, J.: The Case for a Wide-Table Approach to Manage Sparse Relational Data Sets. In: SIGMOD, pp. 821–832 (2007)Google Scholar
- 6.Craig, D.W., Steve, B.: The Design of the Force.com Multitenant Internet Application Development Platform. In: SIGMOD, pp. 889–896 (2009)Google Scholar
- 7.Ferraiolo, D.F., Kuhn, D.R.: Role Based Access Controls. In: 15th National Computer Security Conference, pp. 554–563 (1992)Google Scholar