Affiliation:
1. MIT Lincoln Laboratory, Lexington, MA, USA
2. MIT Lincoln Laboratory, Lexington , MA, USA
Abstract
This paper presents a vision and description for query control, which is a paradigm for database access control. In this model, individual queries are examined before being executed and are either allowed or denied by a pre-defined policy. Traditional view-based database access control requires the enforcer to view the query, the records, or both. That may present difficulty when the enforcer is not allowed to view database contents or the query itself. This discussion of query control arises from our experience with privacy-preserving encrypted databases, in which no single entity learns both the query and the database contents. Query control is also a good fit for enforcing rules and regulations that are not well-addressed by view-based access control. With the rise of federated database management systems, we believe that new approaches to access control will be increasingly important.
Publisher
Association for Computing Machinery (ACM)
Subject
Information Systems,Software
Cited by
8 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Empowering Data Federation Security in Polystore Systems;2023 20th ACS/IEEE International Conference on Computer Systems and Applications (AICCSA);2023-12-04
2. RangeQC: A Query Control Framework for Range Query Leakage Quantification and Mitigation;2023 IEEE 43rd International Conference on Distributed Computing Systems (ICDCS);2023-07
3. Rewriting Graph-DB Queries to Enforce Attribute-Based Access Control;Lecture Notes in Computer Science;2023
4. Secure and Policy-Compliant Query Processing on Heterogeneous Computational Storage Architectures;Proceedings of the 2022 International Conference on Management of Data;2022-06-10
5. Compliant Geo-distributed Query Processing;Proceedings of the 2021 International Conference on Management of Data;2021-06-09