Entry Carminati:2010:FEA from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017                Valid HTML 3.2!

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Carminati:2010:FEA,
  author =       "Barbara Carminati and Elena Ferrari and Jianneng Cao
                 and Kian Lee Tan",
  title =        "A framework to enforce access control over data
                 streams",
  journal =      j-TISSEC,
  volume =       "13",
  number =       "3",
  pages =        "28:1--28:??",
  month =        jul,
  year =         "2010",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/1805974.1805984",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Wed Jul 28 14:57:15 MDT 2010",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib",
  abstract =     "Although access control is currently a key component
                 of any computational system, it is only recently that
                 mechanisms to guard against unauthorized access to
                 streaming data have started to be investigated. To cope
                 with this lack, in this article, we propose a general
                 framework to protect streaming data, which is, as much
                 as possible, independent from the target stream engine.
                 Differently from RDBMSs, up to now a standard query
                 language for data streams has not yet emerged and this
                 makes the development of a general solution to access
                 control enforcement more difficult. The framework we
                 propose in this article is based on an expressive
                 role-based access control model proposed by us. It
                 exploits a query rewriting mechanism, which rewrites
                 user queries in such a way that they do not return
                 tuples/attributes that should not be accessed according
                 to the specified access control policies. Furthermore,
                 the framework contains a deployment module able to
                 translate the rewritten query in such a way that it can
                 be executed by different stream engines, therefore,
                 overcoming the lack of standardization. In the article,
                 besides presenting all the components of our framework,
                 we prove the correctness and completeness of the query
                 rewriting algorithm, and we present some experiments
                 that show the feasibility of the developed
                 techniques.",
  acknowledgement = ack-nhfb,
  articleno =    "28",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
  keywords =     "access control; Data stream; secure query rewriting",
}

Related entries