2016, 38(8): 1935-1941.
doi: 10.11999/JEIT151212
Abstract:
Dataspace is a new type of data management, which can manage the mass, heterogeneous, and dynamic data in a pay-as-you-go fashion. However, it is difficult to construct an effective access control mechanism in dataspace environment, because of the data dynamic evolution, the fine-grained and extremely loose data description. A fine-grained and dynamic access control mechanism supporting secure updates is presented in this paper for very loosely structured data model which is commonly used in dataspace. Firstly, a set of update operations are defined for modifying data in the dataspace, and the mapping functions are provided for mapping the updates data into relational databases. Secondly, the fine-grained access control rule supporting secure updates is given, and the consistency of the conversion between this rule and relational database access control rule is analyzed. Thirdly, an access request rewriting algorithm, which is sound and complete, is also presented for dynamically controlling read/write access to the data. The algorithm retrieves the related access control rules based on user's access request, and then rewrites the request by utilizing the relevant authority. Finally, the validity of the work in this paper is proved by the theory and the experiment.