Title :
FENCE: Continuous access control enforcement in dynamic data stream environments
Author :
Nehme, Rimma V. ; Lim, Hyo-Sang ; Bertino, Elisa
Author_Institution :
Microsoft Jim Gray Syst. Lab., Madison, WI, USA
Abstract :
In this paper, we present FENCE framework that addresses the problem of continuous access control enforcement in dynamic data stream environments. The distinguishing characteristics of FENCE include: (1) the stream-centric approach to security, (2) the symmetric modeling of security for both continuous queries and streaming data, and (3) security-aware query processing that considers both regular and security-related selectivities. In FENCE, both data and query security restrictions are modeled in the form of streaming security metadata, called ¿security punctuations¿, embedded inside data streams. We have implemented FENCE in a prototype DSMS and briefly summarize our performance observations.
Keywords :
authorisation; meta data; query processing; FENCE; continuous access control enforcement; dynamic data stream environments; security aware query processing; security metadata; security punctuations; security related selectivities; security symmetric modeling; streaming data queries; Access control; Adaptive filters; Data privacy; Data security; Digital signal processing; Patient monitoring; Prototypes; Query processing; Runtime; Ubiquitous computing;
Conference_Titel :
Data Engineering (ICDE), 2010 IEEE 26th International Conference on
Conference_Location :
Long Beach, CA
Print_ISBN :
978-1-4244-5445-7
Electronic_ISBN :
978-1-4244-5444-0
DOI :
10.1109/ICDE.2010.5447899
