Database security - concepts, approaches, and challenges

Bertino, Elisa; Sandhu, Ravi

doi:10.1109/tdsc.2005.9

Cited by 340 publications

(192 citation statements)

References 83 publications

Supporting

Mentioning

191

Contrasting

Unclassified

Order By: Relevance

“…Because of its importance, a lot of prior research has focused on database security [3]. This paper focuses on row-level access control [3] that follows the Truman model 3 [19].…”

Section: Background and Related Workmentioning

confidence: 99%

SEQUOIA: Scalable Policy-Based Access Control for Search Operations in Data-Driven Applications

Bogaerts

Lagaisse

Joosen

2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. Policy-based access control is a technology that achieves separation of concerns through evaluating an externalized policy at each access attempt. While this approach has been well-established for requestresponse applications, it is not supported for database queries of datadriven applications, especially for attribute-based policies. In particular, search operations for such applications involve poor scalability with regard to the data set size for this approach, because they are influenced by dynamic runtime conditions. This paper proposes a scalable application-level middleware solution that performs runtime injection of the appropriate rules into the original search query, so that the result set of the search includes only items to which the subject is entitled. Our evaluation shows that our method scales far better than current state of practice approach that supports policy-based access control.

show abstract

“…Because of its importance, a lot of prior research has focused on database security [3]. This paper focuses on row-level access control [3] that follows the Truman model 3 [19].…”

Section: Background and Related Workmentioning

confidence: 99%

SEQUOIA: Scalable Policy-Based Access Control for Search Operations in Data-Driven Applications

Bogaerts

Lagaisse

Joosen

2017

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…Usually, confidentiality is achieved by enforcing an access policy, or possibly by using some cryptographic tools. Privacy relates to what data can be safely disclosed without leaking sensitive information regarding the legitimate owner [5].…”

Section: Introductionmentioning

confidence: 99%

Anonymizing and Confidential Databases for Privacy Protection Using Suppression and Generalization Based Protocols

Sathyamoorthy¹,

Miranda²,

Lakshmi³

2015

IJCATR

View full text Add to dashboard Cite

show abstract

“…By using appropriate data mining techniques it is possible to explore the hidden patterns. But the threat to privacy becomes real since data mining techniques are able to derive highly sensitive knowledge from unclassified data which is not even known to database holders [6] . In order to overcome this issue the data owners may decide not to share or release such data for analysis provided they should make a compromise for exploring hidden knowledge [7] .…”

Section: Introductionmentioning

confidence: 99%

An Effective Data Transformation Approach for Privacy Preserving Clustering

Rajalaxmi¹,

Natarajan²

2008

J. of Computer Science

View full text Add to dashboard Cite

Abstract:A new stream of research privacy preserving data mining emerged due to the recent advances in data mining, Internet and security technologies. Data sharing among organizations considered to be useful which offer mutual benefit for business growth. Preserving the privacy of shared data for clustering was considered as the most challenging problem. To overcome the problem, the data owner published the data by random modification of the original data in certain way to disguise the sensitive information while preserving the particular data property. Data transformation techniques played a vital role to preserve privacy in data mining. We put forward an effective approach which defeats the problem of addressing privacy of confidential categorical data in clustering. A set of hybrid data transformations are introduced (HDTTR and HDTSR) and the effectiveness of the approach has been analyzed. A complete analysis of the proposed approach and a formal study of the problem have been done. Our proposed approach illustrates the effectiveness of clustering of sensitive categorical data before and after the transformation.

show abstract

Database security - concepts, approaches, and challenges

Cited by 340 publications

References 83 publications

SEQUOIA: Scalable Policy-Based Access Control for Search Operations in Data-Driven Applications

SEQUOIA: Scalable Policy-Based Access Control for Search Operations in Data-Driven Applications

Anonymizing and Confidential Databases for Privacy Protection Using Suppression and Generalization Based Protocols

An Effective Data Transformation Approach for Privacy Preserving Clustering

Contact Info

Product

Resources

About