Ensuring security of data is one of the fundamental needs of people. In this context, issues related to confidentiality, integrity and availability of the data arise with a crucial importance, whether in economic, legal or medical domains. Standards covering fine-grained access control were proposed and adopted to control access to data through queries. In this paper, we propose a novel approach to facilitate the administration of access control rules to ensure the confidentiality of data at the level of materialized views. Several techniques and models have been proposed to control access to databases, but to our knowledge the problem of automatically generating from access control rules defined over base relations the applicable access control rules needed to control materialized views is not investigated. We are investigating this problem by resorting to an adaptation of query rewriting techniques. We choose to express fine-grained access control through authorization views. This paper mainly discusses the problem of automatically ensuring confidentiality of materialized views based on basic access control rules, and identifies formal tools to tackle the problem.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.