Access control in a relational data base management system by query modification

Wong, Eugene

doi:10.1145/800182.810400

Cited by 109 publications

(55 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Query modification was used in the INGRES relational DBMS [3] to implement integrity constraints,views [4] and discretionary access control [5]. The SQUEL query language is used to specify these integrity constraints, views and access control restrictions.…”

Section: Indi Related Workmentioning

confidence: 99%

A General Framework for Multi-level security to restrict unauthorized users in Sulaymaniyah E-Court Database

Raza¹,

Kakarash²

2016

IJECS

View full text Add to dashboard Cite

-Data is vulnerable at many points in any computer system, and many security techniques and types of functionality can be applied to protect it. Sulimanyah Court is a big and popular Government sector in Iraq. Many clients accessing E-Court Systems, SES (Sulimanyah E-Court Systems) is using SQL SERVER database to store and accesses court cases with different clients. Most of the security models available for databases today protect them from outside, unauthorized users and cannot be provides internal security in relationship with the user type of access to the database. This database can access by hundreds of clients. We propose a framework to increase security needs of database systems. Clients in this approach can be analysed to instituting sub channels between specific (groups of) users such that authorized subchannels appropriating from accessing objects that contain some sensitive information and restricting unauthorized users. In this paper we propose a general framework for Multi-Level Security (MLS) in Sulaymaniyah E-Court database.

show abstract

Section: Indi Related Workmentioning

confidence: 99%

A General Framework for Multi-level security to restrict unauthorized users in Sulaymaniyah E-Court Database

Raza¹,

Kakarash²

2016

IJECS

View full text Add to dashboard Cite

show abstract

“…Another interesting work was suggested by Stonebraker [5]. In this case, the query transformation is specified by adding conditions to qualification portion of the original query.…”

Section: Related Workmentioning

confidence: 99%

fQuery: SPARQL Query Rewriting to Enforce Data Confidentiality

Oulmakhzoune¹,

Cuppens-Boulahia²,

Cuppens³

et al. 2010

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. RDF is an increasingly used framework for describing Web resources, including sensitive and confidential resources. In this context, we need an expressive language to query RDF databases. SPARQL has been defined to easily localize and extract data in an RDF graph. Since confidential data are accessed, SPARQL queries must be filtered so that only authorized data are returned with respect to some confidentiality policy. In this paper, we model a confidentiality policy as a set of positive and negative filters (corresponding respectively to permissions and prohibitions) that apply to SPARQL queries. We then define rewriting algorithms that transform the queries so that the results returned by transformed queries are compliant with the confidentiality policy.

show abstract

“…The idea of modifying queries for access control was introduced in [24], and the idea of "reformulating" queries for security was also alluded to by [25]. A query rewrite mechanism to control access to federated XML user-profile data was used by [22].…”

Section: Related Workmentioning

confidence: 99%

Limiting Disclosure in Hippocratic Databases

LEFEVRE¹,

Agrawal²,

ERCEGOVAC³

et al. 2004

Proceedings 2004 VLDB Conference

View full text Add to dashboard Cite

We present a practical and efficient approach to incorporating privacy policy enforcement into an existing application and database environment, and we explore some of the semantic tradeoffs introduced by enforcing these privacy policy rules at cell-level granularity. Through a comprehensive set of performance experiments, we show that the cost of privacy enforcement is small, and scalable to large databases.

show abstract

Access control in a relational data base management system by query modification

Cited by 109 publications

References 12 publications

A General Framework for Multi-level security to restrict unauthorized users in Sulaymaniyah E-Court Database

A General Framework for Multi-level security to restrict unauthorized users in Sulaymaniyah E-Court Database

fQuery: SPARQL Query Rewriting to Enforce Data Confidentiality

Limiting Disclosure in Hippocratic Databases

Contact Info

Product

Resources

About