Authorization Views and Conditional Query Containment

Zhang, Zheng; Mendelzon, Alberto O.

doi:10.1007/978-3-540-30570-5_18

Cited by 35 publications

(91 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The definition is further based on the notion of certain answers [3]. We note that instance-specific reasoning also arises in data security and authorization views: in that context, Zhang and Mendelzon study conditional query containment, where containment is conditioned on a particular view output [32].…”

Section: Related Workmentioning

confidence: 99%

Query-based data pricing

Koutris

Upadhyaya

Balazinska

et al. 2012

Proceedings of the 31st ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems

129

View full text Add to dashboard Cite

Data is increasingly being bought and sold online, and Webbased marketplace services have emerged to facilitate these activities. However, current mechanisms for pricing data are very simple: buyers can choose only from a set of explicit views, each with a specific price. In this paper, we propose a framework for pricing data on the Internet that, given the price of a few views, allows the price of any query to be derived automatically. We call this capability "querybased pricing." We first identify two important properties that the pricing function must satisfy, called arbitragefree and discount-free. Then, we prove that there exists a unique function that satisfies these properties and extends the seller's explicit prices to all queries. When both the views and the query are Unions of Conjunctive Queries, the complexity of computing the price is high. To ensure tractability, we restrict the explicit prices to be defined only on selection views (which is the common practice today). We give an algorithm with polynomial time data complexity for computing the price of any chain query by reducing the problem to network flow. Furthermore, we completely characterize the class of Conjunctive Queries without selfjoins that have PTIME data complexity (this class is slightly larger than chain queries), and prove that pricing all other queries is NP-complete, thus establishing a dichotomy on the complexity of the pricing problem when all views are selection queries.

show abstract

Section: Related Workmentioning

confidence: 99%

Query-based data pricing

Koutris

Upadhyaya

Balazinska

et al. 2012

Proceedings of the 31st ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems

129

View full text Add to dashboard Cite

show abstract

“…The conditions of perfect secrecy are studied in [22,8] using probability model, and in [28] using query conditional containment. In this paper, we addressed the case where we intend to release data if some partial disclosure by database views is tolerated, and hence the disclosure needs to be measured.…”

Section: Related Workmentioning

confidence: 99%

Indistinguishability: The Other Aspect of Privacy

Yao

Wang

et al. 2006

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Uncertainty and indistinguishability are two independent aspects of privacy. Uncertainty refers to the property that the attacker cannot tell which private value, among a group of values, an individual actually has, and indistinguishability refers to the property that the attacker cannot see the difference among a group of individuals. While uncertainty has been well studied and applied to many scenarios, to date, the only effort in providing indistinguishability has been the well-known notion of k-anonymity. However, k-anonymity only applies to anonymized tables. This paper defines indistinguishability for general situations based on the symmetry among the possible private values associated with individuals. The paper then discusses computational complexities of and provides practical algorithms for checking whether a set of database views provides enough indistinguishability.

show abstract

“…For the Non-Truman model, Rizvi et al [16] left open the decidability of the conditional validity problem. Although Zhang et al [20] proved that it is decidable for conjunctive queries and Koutris et al [11] extended this result to unions of conjunctive queries, there is no general characterization of the problem. For the Truman model, Wang et al [19] claimed that "while the maximality property is desirable, it is difficult to achieve" for algorithms that are secure and sound.…”

Section: Introductionmentioning

confidence: 99%

“…By using the resulting criteria and by exploiting the connections between optimal algorithms in the two models, we extend our decidability results to optimal algorithms in the Non-Truman model and to the conditional validity problem. Note that we consider a security model that is more expressive than the one used in previous work on the Non-Truman model [11,16,20]. We thereby improve upon the results in [11,20].…”

Section: Introductionmentioning

confidence: 99%

Optimal security-aware query processing

Guarnieri

Basin

2014

Proc. VLDB Endow.

View full text Add to dashboard Cite

Security-Aware Query Processing is the problem of computing answers to queries in the presence of access control policies. We present general impossibility results for the existence of optimal algorithms for Security-Aware Query Processing and classify query languages for which such algorithms exist. In particular, we show that for the relational calculus there are no optimal algorithms, whereas optimal algorithms exist for some of its fragments, such as the existential fragment.We also establish relationships between two different models of Fine-Grained Access Control, called Truman and NonTruman models, which have been previously presented in the literature as distinct. For optimal Security-Aware Query Processing, we show that the Non-Truman model is a special case of the Truman model for boolean queries in the relational calculus, moreover the two models coincide for more powerful languages, such as the relational calculus with aggregation operators. In contrast, these two models are distinct for non-boolean queries.

show abstract

Authorization Views and Conditional Query Containment

Cited by 35 publications

References 15 publications

Query-based data pricing

Query-based data pricing

Indistinguishability: The Other Aspect of Privacy

Optimal security-aware query processing

Contact Info

Product

Resources

About