Access Control for Data Integration in Presence of Data Dependencies

Abstract : Defining access control policies in a data integration scenario is a challenging task. In such a scenario typically each source specifies its local access control policy and cannot anticipate data inferences that can arise when data is integrated at the mediator level. Inferences, e.g., using functional dependencies, can allow malicious users to obtain, at the mediator level, prohibited information by linking multiple queries and thus violating the local policies. In this paper, we propose a framework, i.e., a methodology and a set of algorithms, to prevent such violations. First, we use a graph-based approach to identify sets of queries, called violating transactions, and then we propose an approach to forbid the execution of those transactions by identifying additional access control rules that should be added to the mediator. We also state the complexity of the algorithms and discuss a set of experiments we conducted by using both real and synthetic datasets. Tests also confirm the complexity and upper bounds in worst-case scenarios of the proposed algorithms.
Document type :
Conference papers
Complete list of metadatas

https://hal.archives-ouvertes.fr/hal-01270894
Contributor : Équipe Gestionnaire Des Publications Si Liris <>
Submitted on : Monday, February 8, 2016 - 4:00:50 PM
Last modification on : Tuesday, February 26, 2019 - 11:49:56 AM

Identifiers

  • HAL Id : hal-01270894, version 1

Citation

Mehdi Haddad, Jovan Stevovic, Annamaria Chiasera, Yannis Velegrakis, Mohand-Said Hacid. Access Control for Data Integration in Presence of Data Dependencies. The 19th International Conference on Database Systems for Advanced Applications (DASFAA 2014), Apr 2014, Bali, Indonesia. pp.203-217. ⟨hal-01270894⟩

Share

Metrics

Record views

194