DocumentCode :
1791617
Title :
Content-Based Access Control: Use data content to assist access control for large-scale content-centric databases
Author :
Wenrong Zeng ; Yuhao Yang ; Bo Luo
Author_Institution :
Dept. of Electr. Eng. & Comput. Sci., Univ. of Kansas, Lawrence, KS, USA
fYear :
2014
fDate :
27-30 Oct. 2014
Firstpage :
701
Lastpage :
710
Abstract :
In conventional database access control models, access control policies are explicitly specified for each role against each data object. In large-scale content-centric data sharing, it might be difficult to explicitly identify accessible records for each role/user, especially when the semantic content of data is expected to play a role in access decisions. As a result, users are often over-privileged, and ex post facto auditing is enforced to detect misuse of the privileges. Unfortunately, it is usually difficult to reverse the damage, as (a large amount of) data has been disclosed already. In this paper, we introduce Content-Based Access Control (CBAC), an innovative access control model for content-centric information sharing. CBAC is expected to be deployed on top of Role-Based Access Control (RBAC) or Multi-level Security (MLS), in the application scenarios where RBAC and MLS would give excessive access rights. As a complement to conventional access control models, the CBAC model makes access control decisions based on content similarity. In CBAC, each user is allowed by an MLS or RBAC rule to access a large set of data objects, while the CBAC rule imposes an additional layer of restrictions so that the user can only access "a subset" of the designated records. The boundary of the subset is dynamically determined by the textual content of the data objects. We then present an enforcement mechanism for CBAC that exploits Oracle's Virtual Private Database (VPD). To further improve the performance of the proposed approach, we introduce a content-based blocking mechanism that improves the efficiency of CBAC enforcement. We also develop a content annotation mechanism for more accurate textual content matching on short text snippets. Experimental results show that CBAC makes reasonable access control decisions with a small overhead.
Keywords :
authorisation; database management systems; text analysis; CBAC enforcement efficiency improvement; CBAC model; MLS; Oracle virtual private database; RBAC; VPD; access control decision making; access rights; application scenarios; content annotation mechanism; content similarity; content-based access control policies; content-based blocking mechanism; content-centric information sharing; data content; data object; data objects; database access control models; designated records; enforcement mechanism; ex-post facto auditing; explicit accessible record identification; large-scale content-centric data sharing; large-scale content-centric databases; multilevel security; over-privileged users; performance improvement; privilege misuse detection; role-based access control; short-text snippets; textual content matching; Authorization; Awards activities; Data models; Databases; Semantics; Content-based Access Control; Database Security;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Big Data (Big Data), 2014 IEEE International Conference on
Conference_Location :
Washington, DC
Type :
conf
DOI :
10.1109/BigData.2014.7004294
Filename :
7004294