Implementing Reflective Access Control in SQL

Gunter

Proceedings of the First ACM Workshop on Security and Privacy in Medical and Home-Care Systems

2009

Self Cite

Reflective Database Access Control (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege in an access control matrix. RDBAC aids the management of database access controls by improving the expressiveness of policies, enabling enforcement at the database level rather than at the application level. This in turn facilitates the creation of new applications without the need for duplicating security enforcement in each application. Past work has proposed the use of the Transaction Datalog (TD) language as a theoretical basis for RDBAC. We present a case study for a medical database using TD. This case study includes a wide range of access patterns for which RDBAC provides a simple method for formulating policies, demonstrating the flexibility of RD-BAC as well as the practicality and scalability of using such a system in real-world applications that require non-trivial policy definitions on large data sets.

Section: Related Workmentioning

confidence: 82%

“…RDBAC removes these restrictions and allows policies to refer to any part of the database. Previous work has shown how formal security analysis of RDBAC policies can be tractably performed [13], and how an RDBAC system can be implemented in standard, off-the-shelf relational databases [12].…”

mentioning

confidence: 99%

A medical database case study for reflective database access control

Gunter

Proceedings of the First ACM Workshop on Security and Privacy in Medical and Home-Care Systems

2009

Self Cite

Lecture Notes in Computer Science

“…FGAC uses query rewriting tech-niques [1, 5,8,10,15,19] to provide database security. This is typically performed using rules that are specified in the native query language of the target database and may be realized through the creation of views.…”

Section: Background and Related Workmentioning

confidence: 99%

SEQUOIA: Scalable Policy-Based Access Control for Search Operations in Data-Driven Applications

Bogaerts

Lagaisse

Joosen

2017

Abstract. Policy-based access control is a technology that achieves separation of concerns through evaluating an externalized policy at each access attempt. While this approach has been well-established for requestresponse applications, it is not supported for database queries of datadriven applications, especially for attribute-based policies. In particular, search operations for such applications involve poor scalability with regard to the data set size for this approach, because they are influenced by dynamic runtime conditions. This paper proposes a scalable application-level middleware solution that performs runtime injection of the appropriate rules into the original search query, so that the result set of the search includes only items to which the subject is entitled. Our evaluation shows that our method scales far better than current state of practice approach that supports policy-based access control.

Lecture Notes in Computer Science

“…As a result, such access control techniques cannot be effectively enforced at the database at a granularity level that exceeds the application. This is also the case for many techniques that employ query rewriting to optimize access control [5,10,15,18]. One technique that mitigates this issue is Virtual Private Database (VPD, [1]).…”

Section: Related Workmentioning

confidence: 99%

Idea: Supporting Policy-Based Access Control on Database Systems

Bogaerts

Lagaisse

Joosen

2016

Applications are increasingly operating on large data sets. This trend creates problems for access control, which in principle restricts the actions that subjects can perform on any item in that data set. Performance issues therefore emerge, typically for operations on entire data sets. Emerging access control models such as attribute-based access control do meet their limitations in this context. Worse, few solutions exist that addresses performance problems while supporting separation of concerns. In this paper, we present a first approach towards addressing this challenge. We propose a middleware architecture that performs policy transformations and query rewriting for externalized policies to optimize the access control process on the data set. We argue that this offers a promising approach for reducing the policy evaluation overhead for access control on large data sets.