Rule Enforcement with Third Parties in Secure Cooperative Data Access

Le, Meixing; Kant, Krishna; Jajodia, Sushil

doi:10.1007/978-3-642-39256-6_20

Cited by 5 publications

(4 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The algorithm also has some key enhancements so that it is less likely to generate suboptimal query plans. The paper also provides more insights into the single TP case discussed in [15] and extend the analysis to multiple third parties.…”

Section: Introductionmentioning

confidence: 87%

“…In addition to direct changes to the rules, another way to enforce rules is by introducing trusted third parties (TP) that can obtain the necessary data and do the required manipulations. In [15], we studied the special case of a single TP trusted by all parties. In this paper, we extend the analysis to multiple TPs with partial trust relationships.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Minimum cost rule enforcement for cooperative database access

Le¹,

Kant

Athamnah

et al. 2016

JCS

Self Cite

View full text Add to dashboard Cite

In this paper, we consider restricted data sharing between a set of parties that wish to provide some set of online services requiring such data sharing. Each party is assumed to store its data in private relational databases, and is given a set of mutually agreed set of authorization rules that specify access to attributes over individual relations or joins over relations owned by one or more parties. The access restrictions introduce significant additional complexity in rule enforcement and query planning as compared with a traditional distributed database environment. We examine the problem of minimum cost rule enforcement which simultaneously checks for the enforceability of each rule and generation of minimum cost plan of its execution. However, the paper is not focused on specific cost functions, but instead of efficient methods for enforcing rules in the face of access restrictions and inter-party data transfer needs. We propose an efficient heuristic algorithm for this minimal enforcement since the exact problem is NP-hard. In some cases, it is not possible to enforce the rules with the regular parties only. In such cases, we need help of trusted third parties (TPs). If all parties trust a single TP, such a party can enforce all unenforced rules, but it is desirable to use the TP minimally. We also consider the extended case where multiple TPs are required since not every regular party can trust a single TP.

show abstract

Section: Introductionmentioning

confidence: 87%

Section: Introductionmentioning

confidence: 99%

Minimum cost rule enforcement for cooperative database access

Le¹,

Kant

Athamnah

et al. 2016

JCS

Self Cite

View full text Add to dashboard Cite

show abstract

“…Significant effort has been made to protect data confidentiality in mutli-party database networks by enforcing data authorization policies [3,8,9,14]. Previous work has also proposed new query engines that consider query information confidentiality during collaborative query execution [4][5][6].…”

Section: Introductionmentioning

confidence: 99%

Towards Collaborative Query Planning in Multi-party Database Networks

Zhao

Liu

Lobo

2015

Data and Applications Security and Privacy XXIX

View full text Add to dashboard Cite

Abstract. Multi-party distributed database networks require secure and decentralized query planning services. In this work, we propose the collaborative query planning (CQP) service that enables multiple parties to jointly plan queries and controls sensitive information disclosure at the same time. We conduct several simulated experiments to evaluate the performance characteristics of our approach compared to other planning schemes, and also study the trade-off between information confidentiality and query plan efficiency. The evaluation shows that when sharing more than 30% of query planning information between coalition parties, the CQP service is able to generate reasonably efficient query plans. We also outline potential improvements of the CQP service at the end.

show abstract

“…The consistency problem refers to the fact that if a party is provided access to two relations, say R and S, it is very difficult to prevent it from joining these relations, but the rule may deny access to R S. Our previous research has addressed this issue [12] and here we simply assume that the rules are upwards closed, i.e., access to R and S will automatically enable access to R S. The enforceability problem can be illustrated as follows: If a party P is given access to R S but it and no other party has access to both R and S, it is not possible to actually compute R S. We have examined this problem in [13]. In some cases, enforceability requires introducing a trusted third party [14] that is given sufficient access rights to perform the operation in question (e.g., R S in our example). Third parties bring in their own security risks, and we do not consider them in this paper.…”

Section: Introductionmentioning

confidence: 99%

Consistent Query Plan Generation in Secure Cooperative Data Access

Le¹,

Kant

Jajodia

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

In this paper, we consider restricted data sharing between a set of parties that wish to provide some set of online services requiring such data sharing. We assume that each party stores its data in private relational databases, and is given a set of mutually agreed set of authorization rules that may involve joins over relations owned by one or more parties. Although the query planning problem in such an environment is similar to the one for distributed databases, the access restrictions introduce significant additional complexity that we address in this paper. We examine the problem of efficiently enforcing rules and generating query execution plans in this environment. Because of the exponential complexity of optimal query planning, our query planning algorithm is heuristics based but produces excellent, if not optimal, results in most of the practical cases.

show abstract

Rule Enforcement with Third Parties in Secure Cooperative Data Access

Cited by 5 publications

References 8 publications

Minimum cost rule enforcement for cooperative database access

Minimum cost rule enforcement for cooperative database access

Towards Collaborative Query Planning in Multi-party Database Networks

Consistent Query Plan Generation in Secure Cooperative Data Access

Contact Info

Product

Resources

About