Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: De Capitani di Vimercati, Sabrinaa | Foresti, Saraa | Jajodia, Sushilb | Paraboschi, Stefanoc | Samarati, Pierangelaa; **
Affiliations: [a] DTI, Università degli Studi di Milano, Crema, Italy. E-mails: sabrina.decapitani@unimi.it, sara.foresti@unimi.it, pierangela.samarati@unimi.it | [b] CSIS, George Mason University, Fairfax, VA, USA. E-mail: jajodia@gmu.edu | [c] DIIMM, Università degli Studi di Bergamo, Dalmine, Italy. E-mail: parabosc@unibg.it
Correspondence: [**] Corresponding author: Pierangela Samarati, DTI, Università degli Studi di Milano, Via Bramante 65, 26013 Crema, Italy. Tel.: +39 0373 898061, Fax: +39 0373 898010; E-mail: pierangela.samarati@unimi.it.
Note: [*] A preliminary version of this paper appeared under the title “Controlled Information Sharing in Collaborative Distributed Query Processing”, in: Proc. of the 28th International Conference on Distributed Computing Systems (ICDCS 2008), June 17–20, Beijing, China, 2008 [11].
Abstract: We present a simple, yet powerful, approach for the specification and enforcement of authorizations regulating data release among data holders collaborating in a distributed computation, to ensure that query processing discloses only data whose release has been explicitly authorized. Data disclosure is captured by means of profiles, associated with each data computation, that describe the information carried by a base or a derived (i.e., computed by a query) relation. We present an algorithm that, given a query plan, determines whether it can be safely executed and produces a safe execution strategy for it. For each operation in a safe query plan, the algorithm determines the server(s) responsible for the execution, based on the entailed information flows, considering different strategies for the execution of joins. Finally, we discuss the architecture of a distributed database system based on the proposed model, illustrating possible design choices and their impact.
Keywords: Distributed query evaluation, authorized views, safe query planning
DOI: 10.3233/JCS-2010-0413
Journal: Journal of Computer Security, vol. 19, no. 4, pp. 751-794, 2011
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl