On the correctness criteria of fine-grained access control in relational databases

Qihua Wang, Ting Yu, Ninghui Li, Jorge Lobo, Elisa Bertino, Keith Irwin, Ji Won Byun

Research output: Chapter in Book/Report/Conference proceedingConference contribution

54 Citations (Scopus)

Abstract

Databases are increasingly being used to store information covered by heterogeneous policies, which require support for access control with great flexibility. This has led to increasing interest in using fine-grained access control, where different cells in a relation may be governed by different access control rules. Although several proposals have been made to support fine-grained access control, there currently does not exist a formal notion of correctness regarding the query answering procedure. In this paper, we propose such a formal notion of correctness in fine-grained database access control, and discuss why existing approaches fall short in some circumstances. We then propose a labeling approach for masking unauthorized information and a query evaluation algorithm which better supports fine-grained access control. Finally, we implement our algorithm using query modification and evaluate its performance.

Original languageEnglish
Title of host publication33rd International Conference on Very Large Data Bases, VLDB 2007 - Conference Proceedings
PublisherAssociation for Computing Machinery, Inc
Pages555-566
Number of pages12
ISBN (Electronic)9781595936493
Publication statusPublished - 2007
Event33rd International Conference on Very Large Data Bases, VLDB 2007 - Vienna, Austria
Duration: 23 Sep 200727 Sep 2007

Other

Other33rd International Conference on Very Large Data Bases, VLDB 2007
CountryAustria
CityVienna
Period23/9/0727/9/07

    Fingerprint

ASJC Scopus subject areas

  • Hardware and Architecture
  • Information Systems and Management
  • Information Systems
  • Software

Cite this

Wang, Q., Yu, T., Li, N., Lobo, J., Bertino, E., Irwin, K., & Byun, J. W. (2007). On the correctness criteria of fine-grained access control in relational databases. In 33rd International Conference on Very Large Data Bases, VLDB 2007 - Conference Proceedings (pp. 555-566). Association for Computing Machinery, Inc.