Inheriting Access Control Rules from Large Relational Databases to Materialized Views Automatically

A novel approach for automatically inheriting access control rules form large relational databases to materialized views defined on such databases is proposed in this paper, along with main algorithm VSP-Bucket. Our proposal introduces a number of research innovations, ranging from a novel Datalogbased syntax, and related semantics, for modeling and expressing access control rules over relational databases to algorithm VSP-Bucket itself, which is a meaningifully adaptation of a well-know view-based query re-writing algorithm for database optimization purposes. A preliminary experimental evaluation and analysis of performance of algorithm VSP-Bucket completes our foremost analytical contribution made in this research.

[1]  Silvana Castano,et al.  Database Security , 1997, IFIP Advances in Information and Communication Technology.

[2]  Chris Clifton,et al.  Derived access control specification for XML , 2003, XMLSEC '03.

[3]  Dan Suciu,et al.  Adding Structure to Unstructured Data , 1997, ICDT.

[4]  S. Sudarshan,et al.  Extending query rewriting techniques for fine-grained access control , 2004, SIGMOD '04.

[5]  Ramakrishnan Srikant,et al.  Hippocratic Databases , 2002, VLDB.

[6]  Alon Y. Halevy,et al.  Answering queries using views: A survey , 2001, The VLDB Journal.

[7]  Kamesh Munagala,et al.  Modeling and exploiting query interactions in database systems , 2008, CIKM '08.

[8]  Alon Y. Halevy,et al.  MiniCon: A scalable algorithm for answering queries using views , 2000, The VLDB Journal.

[9]  Marianne Winslett,et al.  Implementing Reflective Access Control in SQL , 2009, DBSec.

[10]  Mihalis Yannakakis,et al.  Equivalences Among Relational Expressions with the Union and Difference Operators , 1980, J. ACM.

[11]  Ehud Gudes,et al.  Data and Applications Security XXIII, 23rd Annual IFIP WG 11.3 Working Conference, Montreal, Canada, July 12-15, 2009. Proceedings , 2009, Database Security.

[12]  Ehud Gudes,et al.  Fine-grained access control to web databases , 2007, SACMAT '07.

[13]  S. Sudarshan,et al.  Redundancy and information leakage in fine-grained access control , 2006, SIGMOD Conference.

[14]  Michael Stonebraker,et al.  Access control in a relational data base management system by query modification , 1974, ACM '74.

[15]  Ashish Gupta,et al.  Materialized views: techniques, implementations, and applications , 1999 .

[16]  Wenfei Fan,et al.  Secure XML querying with security views , 2004, SIGMOD '04.

[17]  Ashok K. Chandra,et al.  Optimal implementation of conjunctive queries in relational data bases , 1977, STOC '77.

[18]  Inderpal Singh Mumick,et al.  Selection of Views to Materialize in a Data Warehouse , 2005, IEEE Trans. Knowl. Data Eng..

[19]  Jorge Lobo,et al.  On the Correctness Criteria of Fine-Grained Access Control in Relational Databases , 2007, VLDB.

[20]  Peng Liu,et al.  Incremental adaptation of XPath access control views , 2007, ASIACCS '07.

[21]  Arnon Rosenthal,et al.  Abstracting and Refining Authorization in SQL , 2004, Secure Data Management.

[22]  Dan Suciu,et al.  Access control over uncertain data , 2008, Proc. VLDB Endow..

[23]  Matthias Jarke,et al.  Query Optimization in Database Systems , 1984, CSUR.

[24]  Rakesh Agrawal,et al.  Extending relational database systems to automatically enforce privacy policies , 2005, 21st International Conference on Data Engineering (ICDE'05).

[25]  Sushil Jajodia,et al.  Maintaining privacy on derived objects , 2005, WPES '05.