An authorization model for query execution in the cloud

Abstract: We present a novel approach for the specification and enforcement of authorizations that enables controlled data sharing for collaborative queries in the cloud. Data authorities can establish authorizations regulating access to their data distinguishing three visibility levels (no visibility, encrypted visibility, and plaintext visibility). Authorizations are enforced accounting for the information content carried in the computation to ensure no information is improperly leaked and adjusting visibility of data… Show more

“…A recent approach for supporting the collaborative execution of queries over distributed data collections introduces an authorization model regulating the data on which different providers have explicit visibility [51]. This solution supports queries of the general form "select from where group by having" and their execution is performed according to a query plan that is represented as a tree T(N), with N the set of nodes in the tree, whose leaf nodes are base relations and whose internal nodes are the relational operations to be executed to perform the query.…”

“…Visible and implicit attributes are distinguished between plaintext (i.e., R vp and R ip ) and encrypted (i.e., R ve and R ie ). Note that the profile of a relation can be extended to take into consideration the fact that the attributes used in a query can be renamed and that the relations managed by their data owners can also be stored in encrypted form [51,52].…”

“…The computation of a minimum cost assignment needs to consider the cost of executing a computation, the cost of transferring data between different subjects involved in the computation, and also the cost of possible encryption/ decryption operations that would be required for the selected candidates to be authorized for the operations assigned to them [51].…”

Protecting Data and Queries in Cloud-Based Scenarios

“…A recent approach for supporting the collaborative execution of queries over distributed data collections introduces an authorization model regulating the data on which different providers have explicit visibility [51]. This solution supports queries of the general form "select from where group by having" and their execution is performed according to a query plan that is represented as a tree T(N), with N the set of nodes in the tree, whose leaf nodes are base relations and whose internal nodes are the relational operations to be executed to perform the query.…”

“…Visible and implicit attributes are distinguished between plaintext (i.e., R vp and R ip ) and encrypted (i.e., R ve and R ie ). Note that the profile of a relation can be extended to take into consideration the fact that the attributes used in a query can be renamed and that the relations managed by their data owners can also be stored in encrypted form [51,52].…”

“…The computation of a minimum cost assignment needs to consider the cost of executing a computation, the cost of transferring data between different subjects involved in the computation, and also the cost of possible encryption/ decryption operations that would be required for the selected candidates to be authorized for the operations assigned to them [51].…”

Protecting Data and Queries in Cloud-Based Scenarios

Improved dropping attacks detecting system in 5g networks using machine learning and deep learning approaches

Distributed query execution under access restrictions