Title :
Efficient Enforcement of Action-Aware Purpose-Based Access Control within Relational Database Management Systems
Author :
Colombo, Pietro ; Ferrari, Elena
Author_Institution :
Dipt. di Sci. Teoriche e Applicate, Univ. degli Studi dell´Insubria, Varese, Italy
Abstract :
Among the variety of access control models proposed for database management systems (DBMSs) a key role is covered by the purpose-based access control model, which, while enforcing access control, also achieves basic privacy preservation. We believe that DBMSs could greatly take benefit from the integration of an enhanced purpose based model supporting highly customized and efficient access control. Therefore, in this paper, we propose a purpose-based model that supports action-aware policy specification and a related efficient enforcement framework to be integrated into relational DBMSs. The experimental evaluation we have performed shows the feasibility and efficiency of the proposed framework.
Keywords :
authorisation; data privacy; relational databases; action-aware policy specification; action-aware purpose-based access control; enforcement framework; privacy preservation; relational DBMS; relational database management systems; Access control; Data models; Data privacy; Databases; Joints; Temperature sensors; Purpose based access control; action awareness; enforcement; relational database management systems;
Journal_Title :
Knowledge and Data Engineering, IEEE Transactions on
DOI :
10.1109/TKDE.2015.2411595
