DocumentCode
78117
Title
Enforcing Obligations within Relational Database Management Systems
Author
Colombo, Pietro ; Ferrari, Elena
Author_Institution
Dipt. di Sci. Teoriche e Applicate, Univ. degli Studi dell'Insubria, Varese, Italy
Volume
11
Issue
4
fYear
2014
fDate
July-Aug. 2014
Firstpage
318
Lastpage
331
Abstract
Within Database Management Systems (DBMS), privacy policies regulate the collection, access and disclosure of the stored personal, identifiable and sensitive data. Policies often specify obligations which represent actions that must be executed or conditions that must be satisfied before and/or after data are accessed. Although numerous policies specification languages allow the specification, no systematic support is provided to enforce obligations within relational DBMS. In this paper, we make a step to fill this void presenting an approach to the definition of an enforcement monitor which handles privacy policies that include obligations. Such a monitor is derived from the same set of policies that must be enforced, and regulates the execution of SQL code based on the satisfaction of a variety of obligation types. The proposed solution is systematic, has been automated, does not require any programming activity and can be used with most of the existing relational DBMSs.
Keywords
SQL; data privacy; relational databases; SQL code execution; enforcement monitor; identifiable data; policies specification languages; privacy policies; relational DBMS; relational database management systems; sensitive data; stored personal data; systematic support; Authorization; Data models; Data privacy; Databases; Monitoring; Privacy; Unified modeling language; Obligations; aspect oriented programming; enforcement; model driven engineering; monitor; privacy policies; relational database management systems;
fLanguage
English
Journal_Title
Dependable and Secure Computing, IEEE Transactions on
Publisher
ieee
ISSN
1545-5971
Type
jour
DOI
10.1109/TDSC.2013.48
Filename
6654126