A Database Level Implementation To Enforce Fine Grained Access Control
| dc.contributor.advisor | Dr. Ting Yu, Committee Chair | en_US |
| dc.contributor.advisor | Dr. Peng Ning, Committee Member | en_US |
| dc.contributor.advisor | Dr. Rada Chirkova, Committee Member | en_US |
| dc.contributor.author | Arjun, Vinod | en_US |
| dc.date.accessioned | 2010-04-02T17:59:25Z | |
| dc.date.available | 2010-04-02T17:59:25Z | |
| dc.date.issued | 2008-05-06 | en_US |
| dc.degree.discipline | Computer Science | en_US |
| dc.degree.level | thesis | en_US |
| dc.degree.name | MS | en_US |
| dc.description.abstract | As privacy protection has gained significant importance, organizations have been forced to protect individual preferences and comply with many enacted privacy laws. This has been a strong driving force for access control in relational databases. Traditional relation level access control is insufficient to address the increasingly complex requirements of access control policies where each cell in the relation might be governed by a separate policy. In order to address this demand, we are in need of a more fine grained access control scheme, at the row-level or even the cell-level. A recent research paper proposed correctness criteria for query evaluation algorithms enforcing fine grained access control and showed that existing approaches did not satisfy the criteria. In addition, the paper proposed a query modification approach to implement a sound and secure query evaluation algorithm enforcing fine grained access control. To evaluate queries involving moderate table sizes of 50000 and 100000 records we experimentally find that the implementation takes approximately 8 and 32 seconds respectively. This is approximately 10 times, on an average, slower than query evaluation algorithms without access control. This performance gap increases significantly with increase in table size, thus rendering it impractical. In this thesis, we modify the query evaluation engine of POSTGRESQL to enforce fine grained access control at the database level. We address a few challenges and propose optimizations to counter inefficiencies that we encounter when moving the access control scheme to the database level. We analyze the performance of our implementation using data sets with various properties and find that it performs approximately 10 times better compared to the query modification approach on moderate table sizes of 50000 and 100000 records. Also, we find that our implementation scales well with table size. Experimental results show that our implementation is comparable to the performance of query evaluation algorithms without access control and hence is practical. | en_US |
| dc.identifier.other | etd-05012008-123255 | en_US |
| dc.identifier.uri | http://www.lib.ncsu.edu/resolver/1840.16/910 | |
| dc.rights | I hereby certify that, if appropriate, I have obtained and attached hereto a written permission statement from the owner(s) of each third party copyrighted matter to be included in my thesis, dis sertation, or project report, allowing distribution as specified below. I certify that the version I submitted is the same as that approved by my advisory committee. I hereby grant to NC State University or its agents the non-exclusive license to archive and make accessible, under the conditions specified below, my thesis, dissertation, or project report in whole or in part in all forms of media, now or hereafter known. I retain all other ownership rights to the copyright of the thesis, dissertation or project report. I also retain the right to use in future works (such as articles or books) all or part of this thesis, dissertation, or project report. | en_US |
| dc.subject | database management systems | en_US |
| dc.subject | sound and secure query evaluation | en_US |
| dc.subject | fine grained access control | en_US |
| dc.title | A Database Level Implementation To Enforce Fine Grained Access Control | en_US |
Files
Original bundle
1 - 1 of 1
