Advanced Search
Volume 38 Issue 8
Sep.  2016
Turn off MathJax
Article Contents
Article Navigation >  Journal of Electronics & Information Technology  > 2016  >  38(8): 1935-1941
PAN Ying, YUAN Chang'an, LI Wenjing, CHENG Maohua. Access Control Method for Supporting Update Operations in Dataspace[J]. Journal of Electronics & Information Technology, 2016, 38(8): 1935-1941. doi: 10.11999/JEIT151212
Citation: PAN Ying, YUAN Chang'an, LI Wenjing, CHENG Maohua. Access Control Method for Supporting Update Operations in Dataspace[J]. Journal of Electronics & Information Technology, 2016, 38(8): 1935-1941. doi: 10.11999/JEIT151212
shu

Access Control Method for Supporting Update Operations in Dataspace

doi: 10.11999/JEIT151212

Funds:

The National Natural Science Foundation of China (61363074), The Natural Science Foundation of Guangxi Province of China (2013GXNSFAA019346), The Scientific Research Fund of Guangxi Education Department of China (2013YB148)

  • Received Date: 2015-11-03
  • Rev Recd Date: 2016-03-25
  • Publish Date: 2016-08-19
    Abstract
  • Dataspace is a new type of data management, which can manage the mass, heterogeneous, and dynamic data in a pay-as-you-go fashion. However, it is difficult to construct an effective access control mechanism in dataspace environment, because of the data dynamic evolution, the fine-grained and extremely loose data description. A fine-grained and dynamic access control mechanism supporting secure updates is presented in this paper for very loosely structured data model which is commonly used in dataspace. Firstly, a set of update operations are defined for modifying data in the dataspace, and the mapping functions are provided for mapping the updates data into relational databases. Secondly, the fine-grained access control rule supporting secure updates is given, and the consistency of the conversion between this rule and relational database access control rule is analyzed. Thirdly, an access request rewriting algorithm, which is sound and complete, is also presented for dynamically controlling read/write access to the data. The algorithm retrieves the related access control rules based on user's access request, and then rewrites the request by utilizing the relevant authority. Finally, the validity of the work in this paper is proved by the theory and the experiment.
    • FullText(HTML)
  • loading
    • References(25)
  • MARX V. Biology: The big challenges of big data[J]. Nature, 2013, 498(7453): 255-260.
    NGUYEN Q V H, NGUYEN T T, MIKLS Z, et al. Pay-as-you-go reconciliation in schema matching networks[C]. International Conference on Data Engineering (ICDE). Chicago, IL, USA, 2014: 220-231.
    HALEVY A, FRANKLIN M, and MAIER D. Principles of dataspace systems[C]. Proceedings of the 25th ACM
    SIGMOD-SIGACT-SIGART Symposium on Principles of Database Systems(PODS). Chicago, IL, USA, 2006: 1-9.
    李玉坤, 孟小峰, 张相於. 数据空间技术研究[J]. 软件学报, 2008, 19(8): 2018-2031.
    LI Yukun, MENG Xiaofeng, and ZHANG Xiangyu. Research on dataspace[J]. Journal of Software, 2008, 19(8): 2018-2031.
    潘颖, 汤庸, 刘海. 基于关系数据库的极松散结构数据模型的访问控制研究[J]. 电子学报, 2012, 40(3): 600-606.
    PAN Ying, TANG Yong, and LIU Hai. Access control in very loosely structured data model using relational databases[J]. Acta Electronica Sinica, 2012, 40(3): 600-606.
    LALLALI S, ANCIAUX N, SANDU POPA I, et al. A secure search engine for the personal cloud[C]. Proceedings of the ACM SIGMOD International Conference on Management of Data. Melbourne, VIC, Australia, 2015: 1445-1450.
    ELSAYED I, LUDESCHER T, SCHWARZ K, et al. Towards realization of scientific dataspaces for the breath gas analysis research community[C]. CEUR Workshop Proceedings, Temuco, Chile, 2009: 1-8.
    JIN Lei, ZHANG Yawei, and YE Xiaojun. An extensible data model with security support for dataspace management[C]. Proceedings of the 10th International Conference on High Performance Computing and Communications (HPCC). Dalian, China, 2008: 556-563.
    DITTRICH J P and SALLES M A V. iDM: a unified and versatile data model for personal dataspace management[C]. Proceedings of the 32nd International Conference on Very Large Data Bases. Seoul, Korea, 2006: 367-378.
    LIM C H, PARK S, and SON S H. Access control of XML documents considering update operations[C]. Proceedings of the ACM Workshop on XML Security. ACM, Fairfax, VA, USA, 2003: 49-59.
    FUNDULAKI I and MANETH S. Formalizing XML access control for update operations[C]. Proceedings of the 12th ACM Symposium on Access Control Models and Technologies. Sophia Antipolis, France, 2007: 169-174.
    JACQUEMARD F and RUSINOWITCH M. Rewrite-based verification of XML updates[C]. Proceedings of the 12thInternational ACM SIGPLAN Symposium on Principles and Practice of Declarative Programming. Hagenberg, Austria, 2010: 119-130.
    BRAVO L, CHENEY J, FUNDULAKI I, et al. Consistency and repair for XML write-access control policies[J]. The VLDB Journal, 2012, 21(6): 843-867.
    MIRABI M, IBRAHIM H, FATHI L, et al. A dynamic compressed accessibility map for secure XML querying and updating[J]. Journal of Information Science and Engineering, 2015, 31(1): 59-93.
    SAYAH T, COQUERY E, THION R, et al. Inference Leakage Detection for Authorization Policies over RDF Data[M]. Data and Applications Security and Privacy. Berlin, Germany, Springer International Publishing, 2015: 346-361.
    RACHAPALLI J, KHADILKAR V, KANTARCIOGLU M, et al. Towards fine grained RDF access control[C]. Proceedings of the 19th ACM Symposium on Access Control Models and Technologies. London, ON, Canada, 2014: 165-176.
    付东来, 彭新光, 杨玉丽. 基于可信平台模块的外包数据安全访问方案[J]. 电子与信息学报, 2013, 35(7): 1766-1773. doi: 10.3724/SP.J.1146.2012.01321.
    FU Donglai, PENG Xinguang, and YANG Yuli. Trusted platform module-based scheme for secure access to outsourced data[J]. Journal of Electronics Information Technology, 2013, 35(7): 1766-1773. doi: 10.3724/SP.J.1146. 2012.01321.
    刘西蒙, 马建峰, 熊金波, 等. 云计算环境下基于属性的可净化签名方案[J]. 电子与信息学报, 2014, 36(7): 1749-1754. doi: 10.3724/SP.J.1146.2013.01154.
    LIU Ximeng, MA Jianfeng, XIONG Jinbo, et al. Attribute based sanitizable signature scheme in cloud computing[J]. Journal of Electronics Information Technology, 2014, 36(7): 1749-1754. doi: 10.3724/SP.J.1146.2013.01154.
    EL-AZIZ A, AHMED A E A, and KANNAN A. XML access control: mapping XACML Policies to relational database tables[J]. International Arab Journal of Information Technology, 2014, 11(6): 532-539.
    PAPAKON STANTINOU V, MICHOU M, FUNDULAKI I, et al. Access control for RDF graphs using abstract models[C]. Proceedings of the 17th ACM Symposium on Access Control Models and Technologies. Newark, NJ, USA, 2012: 103-112.
    • Relative Articles
    • Supplements(0)
    • Cited By
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索
    Get Citation
    PDF
    XML

    Article Metrics

    Article views (1022) PDF downloads(347) Cited by()
    Proportional views
    Related

    © 2018 JOURNAL OF ELECTRONICS & INFORMATION TECHNOLOGY 京ICP备20021838号-8

    Institute of Electronics, Chinese Academy of Sciences, P.O.Box 2702, Beijing100190

    Tel:010-58887066Fax:021-64253812Email:jeit@mail.ie.ac.cn

    Supported by: Beijing Renhe Information Technology Co. Ltd

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return