Access rule consistency in cooperative data access environment

In this paper we consider the situation where a set of enterprises need to collaborate to provide rich services to their clients. Such collaboration often requires controlled access to each other's data, which we assume is stored in standard relational form. The access control is provided by a set of access rules that may be defined over the joins of various relations. In this paper we introduce the notion of consistency of access rules and devise an algorithm to ensure consistency. We also consider the possibility of occasional changes in access rules and address the problem of maintaining consistency in the face of such changes. We propose algorithms for both changes with new privileges grants and revocations on existing privileges.

[1]  Timon C. Du,et al.  Access control in collaborative commerce , 2007, Decis. Support Syst..

[2]  Michael J. Nash,et al.  The Chinese Wall security policy , 1989, Proceedings. 1989 IEEE Symposium on Security and Privacy.

[3]  Sushil Jajodia,et al.  Controlled Information Sharing in Collaborative Distributed Query Processing , 2008, 2008 The 28th International Conference on Distributed Computing Systems.

[4]  Anas Abou El Kalam,et al.  Access Control for Collaborative Systems: A Web Services Based Approach , 2007, IEEE International Conference on Web Services (ICWS 2007).

[5]  Ioana Manolescu,et al.  Query optimization in the presence of limited access patterns , 1999, SIGMOD '99.

[6]  Andrea Calì,et al.  Querying Data under Access Limitations , 2008, 2008 IEEE 24th International Conference on Data Engineering.

[7]  Murat Kantarcioglu,et al.  Sovereign Joins , 2006, 22nd International Conference on Data Engineering (ICDE'06).

[8]  Barbara Carminati,et al.  Collaborative access control in on-line social networks , 2011, 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom).

[9]  Chen Li,et al.  Computing complete answers to queries in the presence of limited access patterns , 2003, The VLDB Journal.

[10]  Seng-Phil Hong,et al.  Access control in collaborative systems , 2005, CSUR.

[11]  Antonios Gouglidis,et al.  domRBAC: An access control model for modern collaborative systems , 2012, Comput. Secur..

[12]  Donald Kossmann,et al.  The state of the art in distributed query processing , 2000, CSUR.

[13]  Joon S. Park,et al.  Role-based access control for collaborative enterprise in peer-to-peer computing environments , 2003, SACMAT '03.

[14]  Sushil Jajodia,et al.  Assessing query privileges via safe and efficient permission composition , 2008, CCS.

[15]  Alon Y. Halevy,et al.  MiniCon: A scalable algorithm for answering queries using views , 2000, The VLDB Journal.

[16]  Eugene Wong,et al.  Query processing in a system for distributed databases (SDD-1) , 1981, TODS.

[17]  Sushil Jajodia,et al.  Rule Configuration Checking in Secure Cooperative Data Access , 2012, SafeConfig.

[18]  Sushil Jajodia,et al.  Consistent Query Plan Generation in Secure Cooperative Data Access , 2014, DBSec.

[19]  Alfred V. Aho,et al.  The theory of joins in relational data bases , 1977, 18th Annual Symposium on Foundations of Computer Science (sfcs 1977).

[20]  Alon Y. Halevy,et al.  Answering queries using views: A survey , 2001, The VLDB Journal.