[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
research-article

An authorization model for multi provider queries

Published: 01 November 2017 Publication History

Abstract

We present a novel approach for the specification and enforcement of authorizations that enables controlled data sharing for collaborative queries in the cloud. Data authorities can establish authorizations regulating access to their data distinguishing three visibility levels (no visibility, encrypted visibility, and plaintext visibility). Authorizations are enforced in the query execution by possibly restricting operation assignments to other parties and by adjusting visibility of data on-the-fly. Our approach enables users and data authorities to fully enjoy the benefits and economic savings of the competitive open cloud market, while maintaining control over data.

References

[1]
R. Agrawal, D. Asonov, M. Kantarcioglu, and Y. Li. Sovereign joins. In Proc. of ICDE, Atlanta, GA, April 2006.
[2]
M. Armbrust, R. S. Xin, C. Lian, Y. Huai, D. Liu, J. K. Bradley, X. Meng, T. Kaftan, M. J. Franklin, A. Ghodsi, and M. Zaharia. Spark SQL: Relational data processing in Spark. In Proc. of SIGMOD, pages 1383--1394, Melbourne, Australia, May-June 2015.
[3]
J. Bater, G. Elliott, C. Eggen, S. Goel, A. Kho, and J. Duggan. SMCQL: Secure query processing for private data networks. PVLDB, 10(6):673--684, 2017.
[4]
M. Benedikt, J. Leblay, and E. Tsamoura. Querying with access patterns and integrity constraints. PVLDB, 8(6):690--701, 2015.
[5]
S. S. Chow, J.-H. Lee, and L. Subramanian. Two-party computation model for privacy-preserving queries over distributed databases. In Proc. of NDSS, San Diego, CA, February 2009.
[6]
J. Cohen, B. Dolan, M. Dunlap, J. M. Hellerstein, and C. Welton. Mad skills: New analysis practices for big data. PVLDB, 2(2):1481--1492, 2009.
[7]
S. De Capitani di Vimercati, S. Foresti, S. Jajodia, G. Livraga, S. Paraboschi, and P. Samarati. Fragmentation in presence of data dependencies. IEEE TDSC, 11(6):510--523, 2014.
[8]
S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati. Authorization enforcement in distributed query evaluation. JCS, 19(4):751--794, 2011.
[9]
S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati. Efficient integrity checks for join queries in the cloud. JCS, 24(3):347--378, 2016.
[10]
S. De Capitani di Vimercati, S. Foresti, G. Livraga, and P. Samarati. Practical techniques building on encryption for protecting and managing data in the cloud. In P. Ryan, D. Naccache, and J.-J. Quisquater, editors, Festschrift for David Kahn, pages 205--239. Springer, 2016.
[11]
N. Farnan, A. Lee, P. Chrysanthis, and T. Yu. PAQO: Preference-aware query optimization for decentralized database systems. In Proc. of ICDE, pages 424--435, Chicago, IL, March-April 2014.
[12]
P. Grofig et al. Experiences and observations on the industrial implementation of a system to search over outsourced encrypted data. In Proc. of Sicherheit, pages 115--125, Vienna, Austria, March 2014.
[13]
M. Guarnieri and D. Basin. Optimal security-aware query processing. PVLDB, 7(12):1307--1318, 2014.
[14]
H. Hacigümüs, B. Iyer, S. Mehrotra, and C. Li. Executing SQL over encrypted data in the database-service-provider model. In Proc. of SIGMOD, pages216--227, Madison, WI, June 2002.
[15]
D. Kossmann. The state of the art in distributed query processing. ACM CSUR, 32(4):422--469, 2000.
[16]
M. M. Kwakye and K. Barker. Privacy-preservation in the integration and querying of multidimensional data models. In Proc of PST, pages 255--263, Auckland, New Zealand, December 2016.
[17]
A. Y. Levy, D. Srivastava, and T. Kirk. Data model and query evaluation in global information systems. JIIS, 5(2):121--143, 1995.
[18]
K. Y. Oktay, M. Kantarcioglu, and S. Mehrotra. Secure and efficient query processing over hybrid clouds. In Proc. of ICDE, pages 733--744, San Diego, CA, April 2017.
[19]
R. Popa, C. Redfield, N. Zeldovich, and H. Balakrishnan. CryptDB: Protecting confidentiality with encrypted query processing. In Proc. of SOSP, pages 85--100, Cascais, Portugal, October 2011.
[20]
A. Rheinländer, U. Leser, and G. Graefe. Optimization of complex dataflows with user-defined functions. ACM CSUR, 50(3):38:1--38:39, 2017.
[21]
S. Rizvi, A. Mendelzon, S. Sudarshan, and P. Roy. Extending query rewriting techniques for fine-grained access control. In Proc. of SIGMOD, pages 551--562, Paris, France, June 2004.
[22]
S. Tu, M. Kaashoek, S. Madden, and N. Zeldovich. Processing analytical queries over encrypted data. PVLDB, 6(5):289--300, 2013.
[23]
J. Vaidya. Privacy in the context of digital government. In Proc. of DG.O, pages 302--303, College Park, MD, June 2012.
[24]
Q. Zeng, M. Zhao, P. Liu, P. Yadav, S. Calo, and J. Lobo. Enforcement of autonomous authorizations in collaborative distributed query evaluation. IEEE TKDE, 27(4):979--992, 2015.

Cited By

View all
  • (2019)Language-integrated privacy-aware distributed queriesProceedings of the ACM on Programming Languages10.1145/33605933:OOPSLA(1-30)Online publication date: 10-Oct-2019
  • (2019)Authorization-aware optimization for multi-provider queriesProceedings of the 34th ACM/SIGAPP Symposium on Applied Computing10.1145/3297280.3299731(431-438)Online publication date: 8-Apr-2019

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image Proceedings of the VLDB Endowment
Proceedings of the VLDB Endowment  Volume 11, Issue 3
November 2017
150 pages
ISSN:2150-8097
Issue’s Table of Contents

Publisher

VLDB Endowment

Publication History

Published: 01 November 2017
Published in PVLDB Volume 11, Issue 3

Qualifiers

  • Research-article

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)3
  • Downloads (Last 6 weeks)0
Reflects downloads up to 21 Dec 2024

Other Metrics

Citations

Cited By

View all
  • (2019)Language-integrated privacy-aware distributed queriesProceedings of the ACM on Programming Languages10.1145/33605933:OOPSLA(1-30)Online publication date: 10-Oct-2019
  • (2019)Authorization-aware optimization for multi-provider queriesProceedings of the 34th ACM/SIGAPP Symposium on Applied Computing10.1145/3297280.3299731(431-438)Online publication date: 8-Apr-2019

View Options

Login options

Full Access

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media