Name
Title | ||
|---|---|---|
Analyzing and Controlling Information Inference of Fine-Grained Access Control Policies in Relational Databases |
Abstract | ||
|---|---|---|
As a more flexible and effective access control mechanism in databases, fine-grained access control (FGAC) has drawn considerable attention from industrial and research community. While providing more effective protection for databases, FGAC also incurs new loopholes for attacks. When FGAC policies are defined inconsistently, performing UPDATE/DELETE operations might cause information inference, called UD inference, probably leading to the disclosure of sensitive data to unauthorized users. In order to protect database security, UD inference must be controlled. However, it is challenging to control such inference, due to the flexibility of FGAC policies. In this paper, we aim to provide an effective approach to control UD inference under the circumstance of FGAC policies. We first propose a formal framework for FGAC policies, and in-depth analyze UD inference based on this framework. Then, we propose a security condition to guarantee that there is no UD inference under the circumstances of FGAC policies, while these FGAC policies satisfy the proposed security condition. Finally, we present an effective approach to control UD inference by dynamically modifying FGAC policies. |
Year | DOI | Venue |
|---|---|---|
2013 | 10.1109/EIDWT.2013.72 | EIDWT |
Keywords | Field | DocType |
effective approach,database security,grained access control,relational databases,information inference,inference mechanisms,ud inference,effective protection,dynamically modifying fgac policy,authorisation,access control mechanism,controlling information inference,fine-grained access control policies,fgac policies,effective access control mechanism,fgac policy,update- delete operations,proposed security condition,inference,fine-grained access control | Remuneration,Relational database,Lifting equipment,Inference,Computer security,Computer science,Authorization,Database security,Access control,Database | Conference |
ISBN | Citations | PageRank |
978-1-4799-2140-9 | 0 | 0.34 |
References | Authors | |
12 | 4 | |