A Database Level Implementation To Enforce Fine Grained Access Control
database management systems;sound and secure query evaluation;fine grained access control
Arjun, Vinod ; Dr. Ting Yu, Committee Chair,Dr. Peng Ning, Committee Member,Dr. Rada Chirkova, Committee Member,Arjun, Vinod ; Dr. Ting Yu ; Committee Chair ; Dr. Peng Ning ; Committee Member ; Dr. Rada Chirkova ; Committee Member
As privacy protection has gained significant importance, organizations have been forced to protect individual preferences and comply with many enacted privacy laws. This has been a strong driving force for access control in relational databases. Traditional relation level access control is insufficient to address the increasingly complex requirements of access control policies where each cell in the relation might be governed by a separate policy. In order to address this demand, we are in need of a more fine grained access control scheme, at the row-level or even the cell-level. A recent research paper proposed correctness criteria for query evaluation algorithms enforcing fine grained access control and showed that existing approaches did not satisfy the criteria.In addition, the paper proposed a query modification approach to implement a sound and secure query evaluation algorithm enforcing fine grained access control. To evaluate queries involving moderate table sizes of 50000 and 100000 records we experimentally find that the implementation takes approximately 8 and 32 seconds respectively. This is approximately 10 times, on an average, slower than query evaluation algorithms without access control. This performance gap increases significantly with increase in table size, thus rendering it impractical. In this thesis, we modify the query evaluation engine of POSTGRESQL to enforce fine grained access control at the database level. We address a few challenges and propose optimizations to counter inefficiencies that we encounter when moving the access control scheme to the database level. We analyze the performance of our implementation using data sets with various properties and find that it performs approximately 10 times better compared to the query modification approach on moderate table sizes of 50000 and 100000 records. Also, we find that our implementation scales well with table size. Experimental results show that our implementation is comparable to the performance of query evaluation algorithms without access control and hence is practical.
【 预 览 】
附件列表
Files
Size
Format
View
A Database Level Implementation To Enforce Fine Grained Access Control
PDF
download
878987797
028-85220240
