Please use this identifier to cite or link to this item: https://doi.org/10.1145/1805974.1805984
Title: A framework to enforce access control over data streams
Authors: Carminati, B.
Ferrari, E.
Cao, J.
Tan, K.L. 
Keywords: Access control
Data stream
Secure query rewriting
Issue Date: 2010
Citation: Carminati, B., Ferrari, E., Cao, J., Tan, K.L. (2010). A framework to enforce access control over data streams. ACM Transactions on Information and System Security 13 (3). ScholarBank@NUS Repository. https://doi.org/10.1145/1805974.1805984
Abstract: Although access control is currently a key component of any computational system, it is only recently that mechanisms to guard against unauthorized access to streaming data have started to be investigated. To cope with this lack, in this article, we propose a general framework to protect streaming data, which is, as much as possible, independent from the target stream engine. Differently from RDBMSs, up to now a standard query language for data streams has not yet emerged and this makes the development of a general solution to access control enforcement more difficult. The framework we propose in this article is based on an expressive role-based access controlmodel proposed by us. It exploits a query rewriting mechanism, which rewrites user queries in such a way that they do not return tuples/attributes that should not be accessed according to the specified access control policies. Furthermore, the framework contains a deployment module able to translate the rewritten query in such a way that it can be executed by different stream engines, therefore, overcoming the lack of standardization. In the article, besides presenting all the components of our framework, we prove the correctness and completeness of the query rewriting algorithm, and we present some experiments that show the feasibility of the developed techniques. © 2010 ACM.
Source Title: ACM Transactions on Information and System Security
URI: http://scholarbank.nus.edu.sg/handle/10635/39641
ISSN: 10949224
DOI: 10.1145/1805974.1805984
Appears in Collections:Staff Publications

Show full item record
Files in This Item:
There are no files associated with this item.

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.