Enabling intensional access control via preference-aware query optimization

Nicholas L. Farnan; Adam J. Lee; Panos K. Chrysanthis; Ting Yu

doi:10.1145/2462410.2462428

Enabling intensional access control via preference-aware query optimization

Nicholas L. Farnan, Adam J. Lee, Panos K. Chrysanthis, Ting Yu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

2 Citations (Scopus)

Abstract

Although the declarative nature of SQL provides great utility to database users, its use in distributed database management systems can result in unintended consequences to user privacy over the course of query evaluation. By allowing users to merely say what data they are interested in accessing without providing guidance regarding how to retrieve it, query optimizers can generate plans that leak sensitive query intension. To address these types of issues, we have created a framework that empowers users with the ability to specify access controls on the intension of their queries through extensions to the SQL SELECT statement. In this demonstration, we present a version of PostgreSQL's query optimizer that we have modified to produce plans that respect these constraints while optimizing user-specified SQL queries in terms of performance.

Original language	English
Title of host publication	SACMAT 2013 - Proceedings of the 18th ACM Symposium on Access Control Models and Technologies
Pages	189-192
Number of pages	4
DOIs	https://doi.org/10.1145/2462410.2462428
Publication status	Published - 2013
Externally published	Yes
Event	18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013 - Amsterdam, Netherlands Duration: 12 Jun 2013 → 14 Jun 2013

Publication series

Name	Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

Conference

Conference	18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013
Country/Territory	Netherlands
City	Amsterdam
Period	12/06/13 → 14/06/13

Keywords

Distributed databases
Preference SQL
Privacy
Query optimization

Access to Document

10.1145/2462410.2462428

Cite this

Farnan, N. L., Lee, A. J., Chrysanthis, P. K., & Yu, T. (2013). Enabling intensional access control via preference-aware query optimization. In SACMAT 2013 - Proceedings of the 18th ACM Symposium on Access Control Models and Technologies (pp. 189-192). (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT). https://doi.org/10.1145/2462410.2462428

@inproceedings{ef5ad376923c40cc9666f55b7ae04d7d,

title = "Enabling intensional access control via preference-aware query optimization",

abstract = "Although the declarative nature of SQL provides great utility to database users, its use in distributed database management systems can result in unintended consequences to user privacy over the course of query evaluation. By allowing users to merely say what data they are interested in accessing without providing guidance regarding how to retrieve it, query optimizers can generate plans that leak sensitive query intension. To address these types of issues, we have created a framework that empowers users with the ability to specify access controls on the intension of their queries through extensions to the SQL SELECT statement. In this demonstration, we present a version of PostgreSQL's query optimizer that we have modified to produce plans that respect these constraints while optimizing user-specified SQL queries in terms of performance.",

keywords = "Distributed databases, Preference SQL, Privacy, Query optimization",

author = "Farnan, {Nicholas L.} and Lee, {Adam J.} and Chrysanthis, {Panos K.} and Ting Yu",

year = "2013",

doi = "10.1145/2462410.2462428",

language = "English",

isbn = "9781450319508",

series = "Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT",

pages = "189--192",

booktitle = "SACMAT 2013 - Proceedings of the 18th ACM Symposium on Access Control Models and Technologies",

note = "18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013 ; Conference date: 12-06-2013 Through 14-06-2013",

}

Farnan, NL, Lee, AJ, Chrysanthis, PK & Yu, T 2013, Enabling intensional access control via preference-aware query optimization. in SACMAT 2013 - Proceedings of the 18th ACM Symposium on Access Control Models and Technologies. Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT, pp. 189-192, 18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013, Amsterdam, Netherlands, 12/06/13. https://doi.org/10.1145/2462410.2462428

Enabling intensional access control via preference-aware query optimization. / Farnan, Nicholas L.; Lee, Adam J.; Chrysanthis, Panos K. et al.
SACMAT 2013 - Proceedings of the 18th ACM Symposium on Access Control Models and Technologies. 2013. p. 189-192 (Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Enabling intensional access control via preference-aware query optimization

AU - Farnan, Nicholas L.

AU - Lee, Adam J.

AU - Chrysanthis, Panos K.

AU - Yu, Ting

PY - 2013

Y1 - 2013

N2 - Although the declarative nature of SQL provides great utility to database users, its use in distributed database management systems can result in unintended consequences to user privacy over the course of query evaluation. By allowing users to merely say what data they are interested in accessing without providing guidance regarding how to retrieve it, query optimizers can generate plans that leak sensitive query intension. To address these types of issues, we have created a framework that empowers users with the ability to specify access controls on the intension of their queries through extensions to the SQL SELECT statement. In this demonstration, we present a version of PostgreSQL's query optimizer that we have modified to produce plans that respect these constraints while optimizing user-specified SQL queries in terms of performance.

AB - Although the declarative nature of SQL provides great utility to database users, its use in distributed database management systems can result in unintended consequences to user privacy over the course of query evaluation. By allowing users to merely say what data they are interested in accessing without providing guidance regarding how to retrieve it, query optimizers can generate plans that leak sensitive query intension. To address these types of issues, we have created a framework that empowers users with the ability to specify access controls on the intension of their queries through extensions to the SQL SELECT statement. In this demonstration, we present a version of PostgreSQL's query optimizer that we have modified to produce plans that respect these constraints while optimizing user-specified SQL queries in terms of performance.

KW - Distributed databases

KW - Preference SQL

KW - Privacy

KW - Query optimization

UR - http://www.scopus.com/inward/record.url?scp=84883131273&partnerID=8YFLogxK

U2 - 10.1145/2462410.2462428

DO - 10.1145/2462410.2462428

M3 - Conference contribution

AN - SCOPUS:84883131273

SN - 9781450319508

T3 - Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT

SP - 189

EP - 192

BT - SACMAT 2013 - Proceedings of the 18th ACM Symposium on Access Control Models and Technologies

T2 - 18th ACM Symposium on Access Control Models and Technologies, SACMAT 2013

Y2 - 12 June 2013 through 14 June 2013

ER -

Enabling intensional access control via preference-aware query optimization

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this