Sciweavers

SIGMOD
2006
ACM

Redundancy and information leakage in fine-grained access control

14 years 11 months ago
Redundancy and information leakage in fine-grained access control
The current SQL standard for access control is coarse grained, in that it grants access to all rows of a table or none. Fine-grained access control, which allows control of access at the granularity of individual rows, and to specific columns within those rows, is required in practically all database applications. There are several models for fine grained access control, but the majority of them follow a view replacement strategy. There are two significant problems with most implementations of the view replacement model, namely (a) the unnecessary overhead of the access control predicates when they are redundant and (b) the potential of information leakage through channels such as user-defined functions, and operations that cause exceptions and error messages. We first propose techniques for redundancy removal. We then define when a query plan is safe with respect to UDFs and other unsafe functions, and propose techniques to generate safe query plans. We have prototyped redundancy rem...
Govind Kabra, Ravishankar Ramamurthy, S. Sudarshan
Added 08 Dec 2009
Updated 08 Dec 2009
Type Conference
Year 2006
Where SIGMOD
Authors Govind Kabra, Ravishankar Ramamurthy, S. Sudarshan
Comments (0)