Enabling intensional access control via preference-aware query optimization

Nicholas L. Farnan, Adam J. Lee, Panos K. Chrysanthis, Ting Yu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

2 Citations (Scopus)

Abstract

Although the declarative nature of SQL provides great utility to database users, its use in distributed database management systems can result in unintended consequences to user privacy over the course of query evaluation. By allowing users to merely say what data they are interested in accessing without providing guidance regarding how to retrieve it, query optimizers can generate plans that leak sensitive query intension. To address these types of issues, we have created a framework that empowers users with the ability to specify access controls on the intension of their queries through extensions to the SQL SELECT statement. In this demonstration, we present a version of PostgreSQL's query optimizer that we have modified to produce plans that respect these constraints while optimizing user-specified SQL queries in terms of performance.

Original languageEnglish
Title of host publicationProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT
Pages189-192
Number of pages4
DOIs
Publication statusPublished - 2 Sep 2013
Externally publishedYes
Event18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013 - Amsterdam, Netherlands
Duration: 12 Jun 201314 Jun 2013

Other

Other18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013
CountryNetherlands
CityAmsterdam
Period12/6/1314/6/13

Fingerprint

Access control
Demonstrations

Keywords

  • Distributed databases
  • Preference SQL
  • Privacy
  • Query optimization

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems

Cite this

Farnan, N. L., Lee, A. J., Chrysanthis, P. K., & Yu, T. (2013). Enabling intensional access control via preference-aware query optimization. In Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT (pp. 189-192) https://doi.org/10.1145/2462410.2462428

Enabling intensional access control via preference-aware query optimization. / Farnan, Nicholas L.; Lee, Adam J.; Chrysanthis, Panos K.; Yu, Ting.

Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. 2013. p. 189-192.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Farnan, NL, Lee, AJ, Chrysanthis, PK & Yu, T 2013, Enabling intensional access control via preference-aware query optimization. in Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. pp. 189-192, 18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013, Amsterdam, Netherlands, 12/6/13. https://doi.org/10.1145/2462410.2462428
Farnan NL, Lee AJ, Chrysanthis PK, Yu T. Enabling intensional access control via preference-aware query optimization. In Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. 2013. p. 189-192 https://doi.org/10.1145/2462410.2462428
Farnan, Nicholas L. ; Lee, Adam J. ; Chrysanthis, Panos K. ; Yu, Ting. / Enabling intensional access control via preference-aware query optimization. Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT. 2013. pp. 189-192
@inproceedings{16755aa592c2457693afbb7d027f016d,
title = "Enabling intensional access control via preference-aware query optimization",
abstract = "Although the declarative nature of SQL provides great utility to database users, its use in distributed database management systems can result in unintended consequences to user privacy over the course of query evaluation. By allowing users to merely say what data they are interested in accessing without providing guidance regarding how to retrieve it, query optimizers can generate plans that leak sensitive query intension. To address these types of issues, we have created a framework that empowers users with the ability to specify access controls on the intension of their queries through extensions to the SQL SELECT statement. In this demonstration, we present a version of PostgreSQL's query optimizer that we have modified to produce plans that respect these constraints while optimizing user-specified SQL queries in terms of performance.",
keywords = "Distributed databases, Preference SQL, Privacy, Query optimization",
author = "Farnan, {Nicholas L.} and Lee, {Adam J.} and Chrysanthis, {Panos K.} and Ting Yu",
year = "2013",
month = "9",
day = "2",
doi = "10.1145/2462410.2462428",
language = "English",
isbn = "9781450319508",
pages = "189--192",
booktitle = "Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT",

}

TY - GEN

T1 - Enabling intensional access control via preference-aware query optimization

AU - Farnan, Nicholas L.

AU - Lee, Adam J.

AU - Chrysanthis, Panos K.

AU - Yu, Ting

PY - 2013/9/2

Y1 - 2013/9/2

N2 - Although the declarative nature of SQL provides great utility to database users, its use in distributed database management systems can result in unintended consequences to user privacy over the course of query evaluation. By allowing users to merely say what data they are interested in accessing without providing guidance regarding how to retrieve it, query optimizers can generate plans that leak sensitive query intension. To address these types of issues, we have created a framework that empowers users with the ability to specify access controls on the intension of their queries through extensions to the SQL SELECT statement. In this demonstration, we present a version of PostgreSQL's query optimizer that we have modified to produce plans that respect these constraints while optimizing user-specified SQL queries in terms of performance.

AB - Although the declarative nature of SQL provides great utility to database users, its use in distributed database management systems can result in unintended consequences to user privacy over the course of query evaluation. By allowing users to merely say what data they are interested in accessing without providing guidance regarding how to retrieve it, query optimizers can generate plans that leak sensitive query intension. To address these types of issues, we have created a framework that empowers users with the ability to specify access controls on the intension of their queries through extensions to the SQL SELECT statement. In this demonstration, we present a version of PostgreSQL's query optimizer that we have modified to produce plans that respect these constraints while optimizing user-specified SQL queries in terms of performance.

KW - Distributed databases

KW - Preference SQL

KW - Privacy

KW - Query optimization

UR - http://www.scopus.com/inward/record.url?scp=84883131273&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84883131273&partnerID=8YFLogxK

U2 - 10.1145/2462410.2462428

DO - 10.1145/2462410.2462428

M3 - Conference contribution

AN - SCOPUS:84883131273

SN - 9781450319508

SP - 189

EP - 192

BT - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

ER -