ACStream: Enforcing Access Control over Data Streams

In this demo proposal, we illustrate ACStream, a system built on top of Stream Base [1], to specify and enforce access control policies over data streams. ACStream supports a very flexible role-based access control model specifically designed to protect against unauthorized access to streaming data. The core component of ACStream is a query rewriting mechanism that, by exploiting a set of secure operators proposed by us in [2], rewrites a user query in such a way that it does not violate the specified access control policies during its execution. The demo will show how policies modelling a variety of access control requirements can be easily specified and enforced using ACStream.

[1]  Ying Xing,et al.  The Design of the Borealis Stream Processing Engine , 2005, CIDR.

[2]  Kian-Lee Tan,et al.  A framework to enforce access control over data streams , 2010, TSEC.

[3]  Kian-Lee Tan,et al.  Enforcing access control over data streams , 2007, SACMAT '07.

[4]  Qiang Chen,et al.  Aurora : a new model and architecture for data stream management ) , 2006 .

[5]  Kian-Lee Tan,et al.  Specifying Access Control Policies on Data Streams , 2007, DASFAA.

[6]  Joe Marini,et al.  Document Object Model , 2002, Encyclopedia of GIS.

[7]  Jörg Meier,et al.  Securing the Borealis Data Stream Engine , 2006, 2006 10th International Database Engineering and Applications Symposium (IDEAS'06).