• DocumentCode
    1758859
  • Title

    Efficient Enforcement of Action-Aware Purpose-Based Access Control within Relational Database Management Systems

  • Author

    Colombo, Pietro ; Ferrari, Elena

  • Author_Institution
    Dipt. di Sci. Teoriche e Applicate, Univ. degli Studi dell´Insubria, Varese, Italy
  • Volume
    27
  • Issue
    8
  • fYear
    2015
  • fDate
    Aug. 1 2015
  • Firstpage
    2134
  • Lastpage
    2147
  • Abstract
    Among the variety of access control models proposed for database management systems (DBMSs) a key role is covered by the purpose-based access control model, which, while enforcing access control, also achieves basic privacy preservation. We believe that DBMSs could greatly take benefit from the integration of an enhanced purpose based model supporting highly customized and efficient access control. Therefore, in this paper, we propose a purpose-based model that supports action-aware policy specification and a related efficient enforcement framework to be integrated into relational DBMSs. The experimental evaluation we have performed shows the feasibility and efficiency of the proposed framework.
  • Keywords
    authorisation; data privacy; relational databases; action-aware policy specification; action-aware purpose-based access control; enforcement framework; privacy preservation; relational DBMS; relational database management systems; Access control; Data models; Data privacy; Databases; Joints; Temperature sensors; Purpose based access control; action awareness; enforcement; relational database management systems;
  • fLanguage
    English
  • Journal_Title
    Knowledge and Data Engineering, IEEE Transactions on
  • Publisher
    ieee
  • ISSN
    1041-4347
  • Type

    jour

  • DOI
    10.1109/TKDE.2015.2411595
  • Filename
    7056423