An authorization model for query execution in the cloud

被引:1
|
作者
di Vimercati, Sabrina De Capitani [1 ]
Foresti, Sara [1 ]
Jajodia, Sushil [2 ]
Livraga, Giovanni [1 ]
Paraboschi, Stefano [3 ]
Samarati, Pierangela [1 ]
机构
[1] Univ Milan, Milan, Italy
[2] George Mason Univ, Fairfax, VA 22030 USA
[3] Univ Bergamo, Bergamo, Italy
来源
VLDB JOURNAL | 2022年 / 31卷 / 03期
基金
欧盟地平线“2020”; 美国国家科学基金会;
关键词
Authorization model; Collaborative query evaluation; Plaintext and encrypted visibility; Implicit attributes; Equivalent attributes; Relation profile;
D O I
10.1007/s00778-021-00709-x
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
We present a novel approach for the specification and enforcement of authorizations that enables controlled data sharing for collaborative queries in the cloud. Data authorities can establish authorizations regulating access to their data distinguishing three visibility levels (no visibility, encrypted visibility, and plaintext visibility). Authorizations are enforced accounting for the information content carried in the computation to ensure no information is improperly leaked and adjusting visibility of data on-the-fly. Assignment of operations to subjects takes into consideration the cost of operation execution as well as of the encryption/decryption operations needed to make the assignment authorized. Our approach enables users and data authorities to fully enjoy the benefits and economic savings of the competitive open cloud market, while maintaining control over data.
引用
收藏
页码:555 / 579
页数:25
相关论文
共 50 条
  • [1] An authorization model for query execution in the cloud
    Sabrina De Capitani di Vimercati
    Sara Foresti
    Sushil Jajodia
    Giovanni Livraga
    Stefano Paraboschi
    Pierangela Samarati
    The VLDB Journal, 2022, 31 : 555 - 579
  • [2] OCL as the query language for UML model execution
    Habela, Piotr
    Kaczmarski, Krzysztof
    Stencel, Krzysztof
    Subieta, Kazimierz
    COMPUTATIONAL SCIENCE - ICCS 2008, PT 3, 2008, 5103 : 311 - 320
  • [3] Data Warehouse MFRJ Query Execution Model for MapReduce
    Burdakov, Aleksey
    Grigorev, Uriy
    Proletarskaya, Victoria
    Ustimov, Artem
    IOTBDS: PROCEEDINGS OF THE 2ND INTERNATIONAL CONFERENCE ON INTERNET OF THINGS, BIG DATA AND SECURITY, 2017, : 206 - 215
  • [4] A Survey of IoT Stream Query Execution Latency Optimization within Edge and Cloud
    Abdullah, Fatima
    Peng, Limei
    Tak, Byungchul
    WIRELESS COMMUNICATIONS & MOBILE COMPUTING, 2021, 2021
  • [5] Trusted network authorization scheme based on cloud model
    Wu, Kun
    Li, Chuyan
    Journal of Convergence Information Technology, 2012, 7 (03) : 183 - 191
  • [6] AN AUTHORIZATION MODEL FOR MULTI-TENANCY SERVICES IN CLOUD
    Zhang, Zhaohai
    Wen, Qiaoyan
    2012 IEEE 2nd International Conference on Cloud Computing and Intelligent Systems (CCIS) Vols 1-3, 2012, : 260 - 263
  • [7] Authorization Model for Securing Cloud SaaS Services (Netflix)
    Ahmad, Tanveer
    Pandey, Rajiv
    Faisal, Mohammad
    INTERNATIONAL JOURNAL OF DISTRIBUTED SYSTEMS AND TECHNOLOGIES, 2022, 13 (08) : 16 - 16
  • [8] DESIGNING A HEALTHCARE AUTHORIZATION MODEL BASED ON CLOUD AUTHENTICATION
    Chen, Chin-Ling
    Yang, Tsai-Tung
    Leu, Fang-Yie
    Huang, Yi-Li
    INTELLIGENT AUTOMATION AND SOFT COMPUTING, 2014, 20 (03): : 365 - 379
  • [9] A Simplified Model for Simulating the Execution of a Workflow in Cloud
    Matha, Roland
    Ristov, Sasko
    Prodan, Radu
    EURO-PAR 2017: PARALLEL PROCESSING, 2017, 10417 : 319 - 331
  • [10] Authorization enforcement in distributed query evaluation
    di Vimercati, Sabrina
    Foresti, Sara
    Jajodia, Sushil
    Paraboschi, Stefano
    Samarati, Pierangela
    JOURNAL OF COMPUTER SECURITY, 2011, 19 (04) : 751 - 794
12345