Correspondence:
[**]
Corresponding author: Pierangela Samarati, DTI, Università degli Studi di Milano, Via Bramante 65, 26013 Crema, Italy. Tel.: +39 0373 898061, Fax: +39 0373 898010; E-mail: pierangela.samarati@unimi.it.
Note: [*] A preliminary version of this paper appeared under the title “Controlled Information Sharing in Collaborative Distributed Query Processing”, in: Proc. of the 28th International Conference on Distributed Computing Systems (ICDCS 2008), June 17–20, Beijing, China, 2008 [11].
Abstract: We present a simple, yet powerful, approach for the specification and enforcement of authorizations regulating data release among data holders collaborating in a distributed computation, to ensure that query processing discloses only data whose release has been explicitly authorized. Data disclosure is captured by means of profiles, associated with each data computation, that describe the information carried by a base or a derived (i.e., computed by a query) relation. We present an algorithm that, given a query plan, determines whether it can be safely executed and produces a safe execution strategy for it. For each operation in a safe query plan, the algorithm determines the server(s) responsible for the execution, based on the entailed information flows, considering different strategies for the execution of joins. Finally, we discuss the architecture of a distributed database system based on the proposed model, illustrating possible design choices and their impact.
