Abstract | ||
---|---|---|
Fine-grained access control (FGAC) is important to Web applications. However, it can be circumvented by indirect access, such as inferring sensitive data from insensitive data. In previous FGAC studies, inference information leakage is not well controlled. In addition, the soundness property, which requires that the results of a query under FGAC be a subset of the results of the query without FGAC over the same database states, cannot be held for all SQL statements. Moreover, without soundness, information leakage would occur in databases in some situations. In this paper, we divide the approaches that implement FGAC with query modification into two types: in the first, the FGAC policy is executed over the results obtained from the query issued by a user; in the second, the query issued by a user is executed over the results obtained from the FGAC policy. We then introduce three types of information leakage in FGAC implemented using the first approach, and analyze why the existing approaches cannot hold soundness for all SQL statements. A novel approach is proposed to control the information leakages and satisfy the soundness property for all SQL statements. We then implement our approach in DM DBMS with query modification and analyze the test results. |
Year | DOI | Venue |
---|---|---|
2008 | 10.1109/WAIM.2008.52 | WAIM |
Keywords | Field | DocType |
novel approach,query modification,fine-grained access model,previous fgac study,fgac policy,soundness property,existing approach,sql statement,controlling information leakage,inference information leakage,soundness information leakage,information leakage,delta modulation,web applications,information management,access control,satisfiability,authorization,database management system,lifting equipment,information analysis,testing,database systems,databases,security,sql,authorisation,algorithm design and analysis,internet,redundancy | SQL,Data mining,Information leakage,Computer science,Inference,Database security,Redundancy (engineering),Access control,Soundness,Web application,Database | Conference |
Citations | PageRank | References |
4 | 0.43 | 8 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Hong Zhu | 1 | 47 | 7.49 |
Jie Shi | 2 | 11 | 2.38 |
Yuanzhen Wang | 3 | 86 | 11.78 |
Yucai Feng | 4 | 29 | 8.58 |