Conference papers

Tuple-Based Access Control: a Provenance-Based Information Flow Control for Relational Data

Romuald Thion 1 François Lesueur 1 Meriam Talbi 1
1 BD - Base de Données
LIRIS - Laboratoire d'InfoRmatique en Image et Systèmes d'information
Abstract : This paper proposes a flexible control framework for relational personal data that enforces data originators' dissemination policies. Inspired by the sticky policy paradigm and mandatory access control, dissemination policies are linked with atomic data and are combined when different pieces of data are merged. The background setting of relational provenance guarantees that the policy combining operations behave according to the operations carried out on the data. We show that the framework can capture a large class of policies similar to those of lattice-based access control models and that it can be integrated seamlessly into relational database management systems. In particular, we define a path-oriented dissemination control model where policies define authorized chains of transfers between databases. Promising ongoing research work includes the generalization of the theoretical framework to more expressive query languages including aggregation and difference operators, as well as experiments on secure tokens.
Contributor : Romuald Thion
Submitted on : Tuesday, September 15, 2015 - 4:20:34 PM
Last modification on : Wednesday, July 8, 2020 - 12:43:36 PM
Long-term archiving on : Monday, December 28, 2015 - 10:43:56 PM





Romuald Thion, François Lesueur, Meriam Talbi. Tuple-Based Access Control: a Provenance-Based Information Flow Control for Relational Data. SAC '15 Proceedings of the 30th Annual ACM Symposium on Applied Computing, ACM, Apr 2015, Salamanca, Spain. pp.2165-2170, ⟨10.1145/2695664.2695758⟩. ⟨hal-01192900⟩


