Title
Integrating trust management and access control in data-intensive Web applications
Abstract
The widespread diffusion of Web-based services provided by public and private organizations emphasizes the need for a flexible solution for protecting the information accessible through Web applications. A promising approach is represented by credential-based access control and trust management. However, although much research has been done and several proposals exist, a clear obstacle to the realization of their benefits in data-intensive Web applications is represented by the lack of adequate support in the DBMSs. As a matter of fact, DBMSs are often responsible for the management of most of the information that is accessed using a Web browser or a Web service invocation. In this article, we aim at eliminating this gap, and present an approach integrating trust management with the access control of the DBMS. We propose a trust model with a SQL syntax and illustrate an algorithm for the efficient verification of a delegation path for certificates. Our solution nicely complements current trust management proposals allowing the efficient realization of the services of an advanced trust management model within current relational DBMSs. An important benefit of our approach lies in its potential for a robust end-to-end design of security for personal data in Web scenario, where vulnerabilities of Web applications cannot be used to violate the protection of the data residing on the database server. We also illustrate the implementation of our approach within an open-source DBMS discussing design choices and performance impact.
Year
2012
DOI
10.1145/2180861.2180863
Venue
TWEB
Keywords
current trust management proposal, access control, data-intensive web application, web scenario, integrating trust management, trust model, promising approach, web browser, advanced trust management model, trust management, web application, web service invocation, relational databases, web service, relational database
Field
Web development, Web design, Data mining, World Wide Web, Computer science, Data Web, Web engineering, Web modeling, Web application security, Web navigation, Web service
DocType
Journal
Volume
6
Issue
2
ISSN
1559-1131
Citations
15
PageRank
0.70
References
40
Authors
6
Name
Order
Citations
PageRank
Sabrina De Capitani Di Vimercati13991350.57
S. Foresti2100464.12
Sushil Jajodia393751839.16
Stefano Paraboschi43590450.24
Giuseppe Psaila5722192.45
Pierangela Samarati67152785.82