高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

一种支持更新操作的数据空间访问控制方法

潘颖 元昌安 李文敬 程茂华

潘颖, 元昌安, 李文敬, 程茂华. 一种支持更新操作的数据空间访问控制方法[J]. 电子与信息学报, 2016, 38(8): 1935-1941. doi: 10.11999/JEIT151212
引用本文: 潘颖, 元昌安, 李文敬, 程茂华. 一种支持更新操作的数据空间访问控制方法[J]. 电子与信息学报, 2016, 38(8): 1935-1941. doi: 10.11999/JEIT151212
PAN Ying, YUAN Chang'an, LI Wenjing, CHENG Maohua. Access Control Method for Supporting Update Operations in Dataspace[J]. Journal of Electronics & Information Technology, 2016, 38(8): 1935-1941. doi: 10.11999/JEIT151212
Citation: PAN Ying, YUAN Chang'an, LI Wenjing, CHENG Maohua. Access Control Method for Supporting Update Operations in Dataspace[J]. Journal of Electronics & Information Technology, 2016, 38(8): 1935-1941. doi: 10.11999/JEIT151212

一种支持更新操作的数据空间访问控制方法

doi: 10.11999/JEIT151212
基金项目: 

国家自然科学基金(61363074),广西自然科学基金(2013GXNSFAA019346),广西教育厅科研项目(2013YB148)

Access Control Method for Supporting Update Operations in Dataspace

Funds: 

The National Natural Science Foundation of China (61363074), The Natural Science Foundation of Guangxi Province of China (2013GXNSFAA019346), The Scientific Research Fund of Guangxi Education Department of China (2013YB148)

  • 摘要: 数据空间是一种新型的数据管理方式,能够以pay-as-you-go模式管理海量、动态、异构的数据。然而,由于数据空间环境下数据的动态演化、数据描述的细粒度和极松散性等原因,难于构建有效的访问控制机制。该文提出一个针对数据空间环境下极松散结构模型,重点支持更新操作的细粒度和动态的访问控制框架。首先定义更新操作集用于数据空间的数据更新,提出支持更新操作的映射方法,可将动态数据映射到关系数据库中;给出支持更新操作权限的数据空间访问控制规则的定义,并分析与关系数据库的访问控制规则二者转换的一致性;然后提出具有可靠性和完备性的访问请求动态重写算法,该算法根据用户的读/写访问请求检索相关访问控制规则,使用相关权限信息重写访问请求,从而实现支持动态更新的细粒度数据空间访问控制。理论和实验证明该框架是可行和有效的。
  • MARX V. Biology: The big challenges of big data[J]. Nature, 2013, 498(7453): 255-260.
    NGUYEN Q V H, NGUYEN T T, MIKLS Z, et al. Pay-as-you-go reconciliation in schema matching networks[C]. International Conference on Data Engineering (ICDE). Chicago, IL, USA, 2014: 220-231.
    HALEVY A, FRANKLIN M, and MAIER D. Principles of dataspace systems[C]. Proceedings of the 25th ACM
    SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems(PODS). Chicago, IL, USA, 2006: 1-9.
    李玉坤, 孟小峰, 张相於. 数据空间技术研究[J]. 软件学报, 2008, 19(8): 2018-2031.
    LI Yukun, MENG Xiaofeng, and ZHANG Xiangyu. Research on dataspace[J]. Journal of Software, 2008, 19(8): 2018-2031.
    潘颖, 汤庸, 刘海. 基于关系数据库的极松散结构数据模型的访问控制研究[J]. 电子学报, 2012, 40(3): 600-606.
    PAN Ying, TANG Yong, and LIU Hai. Access control in very loosely structured data model using relational databases[J]. Acta Electronica Sinica, 2012, 40(3): 600-606.
    LALLALI S, ANCIAUX N, SANDU POPA I, et al. A secure search engine for the personal cloud[C]. Proceedings of the ACM SIGMOD International Conference on Management of Data. Melbourne, VIC, Australia, 2015: 1445-1450.
    ELSAYED I, LUDESCHER T, SCHWARZ K, et al. Towards realization of scientific dataspaces for the breath gas analysis research community[C]. CEUR Workshop Proceedings, Temuco, Chile, 2009: 1-8.
    JIN Lei, ZHANG Yawei, and YE Xiaojun. An extensible data model with security support for dataspace management[C]. Proceedings of the 10th International Conference on High Performance Computing and Communications (HPCC). Dalian, China, 2008: 556-563.
    DITTRICH J P and SALLES M A V. iDM: a unified and versatile data model for personal dataspace management[C]. Proceedings of the 32nd International Conference on Very Large Data Bases. Seoul, Korea, 2006: 367-378.
    LIM C H, PARK S, and SON S H. Access control of XML documents considering update operations[C]. Proceedings of the ACM Workshop on XML Security. ACM, Fairfax, VA, USA, 2003: 49-59.
    FUNDULAKI I and MANETH S. Formalizing XML access control for update operations[C]. Proceedings of the 12th ACM Symposium on Access Control Models and Technologies. Sophia Antipolis, France, 2007: 169-174.
    JACQUEMARD F and RUSINOWITCH M. Rewrite-based verification of XML updates[C]. Proceedings of the 12thInternational ACM SIGPLAN Symposium on Principles and Practice of Declarative Programming. Hagenberg, Austria, 2010: 119-130.
    BRAVO L, CHENEY J, FUNDULAKI I, et al. Consistency and repair for XML write-access control policies[J]. The VLDB Journal, 2012, 21(6): 843-867.
    MIRABI M, IBRAHIM H, FATHI L, et al. A dynamic compressed accessibility map for secure XML querying and updating[J]. Journal of Information Science and Engineering, 2015, 31(1): 59-93.
    SAYAH T, COQUERY E, THION R, et al. Inference Leakage Detection for Authorization Policies over RDF Data[M]. Data and Applications Security and Privacy. Berlin, Germany, Springer International Publishing, 2015: 346-361.
    RACHAPALLI J, KHADILKAR V, KANTARCIOGLU M, et al. Towards fine grained RDF access control[C]. Proceedings of the 19th ACM Symposium on Access Control Models and Technologies. London, ON, Canada, 2014: 165-176.
    付东来, 彭新光, 杨玉丽. 基于可信平台模块的外包数据安全访问方案[J]. 电子与信息学报, 2013, 35(7): 1766-1773. doi: 10.3724/SP.J.1146.2012.01321.
    FU Donglai, PENG Xinguang, and YANG Yuli. Trusted platform module-based scheme for secure access to outsourced data[J]. Journal of Electronics Information Technology, 2013, 35(7): 1766-1773. doi: 10.3724/SP.J.1146. 2012.01321.
    刘西蒙, 马建峰, 熊金波, 等. 云计算环境下基于属性的可净化签名方案[J]. 电子与信息学报, 2014, 36(7): 1749-1754. doi: 10.3724/SP.J.1146.2013.01154.
    LIU Ximeng, MA Jianfeng, XIONG Jinbo, et al. Attribute based sanitizable signature scheme in cloud computing[J]. Journal of Electronics Information Technology, 2014, 36(7): 1749-1754. doi: 10.3724/SP.J.1146.2013.01154.
    EL-AZIZ A, AHMED A E A, and KANNAN A. XML access control: mapping XACML Policies to relational database tables[J]. International Arab Journal of Information Technology, 2014, 11(6): 532-539.
    PAPAKON STANTINOU V, MICHOU M, FUNDULAKI I, et al. Access control for RDF graphs using abstract models[C]. Proceedings of the 17th ACM Symposium on Access Control Models and Technologies. Newark, NJ, USA, 2012: 103-112.
  • 加载中
计量
  • 文章访问数:  1031
  • HTML全文浏览量:  115
  • PDF下载量:  347
  • 被引次数: 0
出版历程
  • 收稿日期:  2015-11-03
  • 修回日期:  2016-03-25
  • 刊出日期:  2016-08-19

目录

    /

    返回文章
    返回