OBSERVATION-BASED FINE GRAINED ACCESS CONTROL FOR RELATIONAL DATABASES

Raju Halder; Agostino Cortesi

doi:10.5220/0003006202540265

OBSERVATION-BASED FINE GRAINED ACCESS CONTROL FOR RELATIONAL DATABASES

Raju Halder, Agostino Cortesi

2010

Abstract

Fine Grained Access Control (FGAC) provides users the access to the non-confidential database information while preventing unauthorized leakage of the confidential data. It provides two extreme views to the database information: completely public or completely hidden. In this paper, we propose an Observation-based Fine Grained Access Control (OFGAC) mechanism based on the Abstract Interpretation framework where data are made accessible at various level of abstraction. In this setting, unauthorized users are not able to infer the exact content of a cell containing confidential information, while they are allowed to get partial information out of it, according to their access rights. Different level of sensitivity of the information correspond to different level of abstraction. In this way, we can tune different parts of the same database content according to different level of abstraction at the same time. The traditional FGAC can be seen as a special case of the OFGAC framework.

Download

Paper Citation

in Harvard Style

Halder R. and Cortesi A. (2010). OBSERVATION-BASED FINE GRAINED ACCESS CONTROL FOR RELATIONAL DATABASES . In Proceedings of the 5th International Conference on Software and Data Technologies - Volume 1: ICSOFT, ISBN 978-989-8425-22-5, pages 254-265. DOI: 10.5220/0003006202540265

in Bibtex Style

@conference{icsoft10,
author={Raju Halder and Agostino Cortesi},
title={OBSERVATION-BASED FINE GRAINED ACCESS CONTROL FOR RELATIONAL DATABASES},
booktitle={Proceedings of the 5th International Conference on Software and Data Technologies - Volume 1: ICSOFT,},
year={2010},
pages={254-265},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003006202540265},
isbn={978-989-8425-22-5},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 5th International Conference on Software and Data Technologies - Volume 1: ICSOFT,
TI - OBSERVATION-BASED FINE GRAINED ACCESS CONTROL FOR RELATIONAL DATABASES
SN - 978-989-8425-22-5
AU - Halder R.
AU - Cortesi A.
PY - 2010
SP - 254
EP - 265
DO - 10.5220/0003006202540265