Guoqiang Zhan,Zude Li,Xiaojun Ye,Jianmin Wang

DOI: https://doi.org/10.1007/11824633_14

2006-01-01

Abstract:Applications require fine-grained access control (FGAC) supported by DBMSs themselves. Though much literature has referred to the FGAC, its key problems still remain open. Thus, we develop a FGAC-QD model based on query decomposition strategy with incorporating two notions of authorization rule and predicate transitive rule. In our model, users' queries are decomposed into a set of one-variable queries (OVQ). For each OVQ, its validity is checked against the corresponding authorization rule; if all the OVQs are valid, the query is inferred to be valid and will be executed without any modification; otherwise the query has illegal access, and will be partially evaluated or rejected directly, according to the feature of applications. Finally, the results of experiments demonstrate the feasibility of FGAC-QD.

Li Jiang,Lingdi Ping,Xuezeng Pan

DOI: https://doi.org/10.1007/978-3-540-76788-6_6

2007-01-01

Abstract:Information flow and in particular noninterference ensure that sensitive information does not affect public information. But noninterference is too restrictive: real computing systems sometimes need to dynamically release certain amount of sensitive information. In this paper, we propose a new security property that requires the decision to perform information release have high integrity, and permits low integrity data which comes from untrusted sources to dynamically affect information release by upgrading (or endorsing) its integrity. To control such integrity upgrading, we introduce an endorsement mechanism that takes the form of a local integrity endorsing policy declaration. So the programmer can express more precise ways of endorsing, by specifying the integrity levels from which information may be endorsed. In addition, we show a new type system to enforce the security property.

Li Zhaorui,Huang Zhicong,Chen Chaochao,Hong Cheng

2019-01-01

Abstract: With the growing emphasis on users' privacy, federated learning has become more and more popular. Many architectures have been raised for a better security. Most architecture work on the assumption that data's gradient could not leak information. However, some work, recently, has shown such gradients may lead to leakage of the training data. In this paper, we discuss the leakage based on a federated approximated logistic regression model and show that such gradient's leakage could leak the complete training data if all elements of the inputs are either 0 or 1.

Xiyuan Chen,Yang OUYang,Miaoliang Zhu,Yan He

DOI: https://doi.org/10.1109/ICYCS.2008.407

2008-01-01

Abstract:The emerging grid infrastructure presents many challenging security issues that demand new access approach due to its inherent heterogeneity, multidomain characteristic and highly dynamic nature. In order to protect the secure sharing and coordinated use of diverse resources in distributed "virtual organizations", fine-grained access control in grid computing is therefore very necessary and important. In this paper, a semantic-aware access conrtol(SAAC) extending the RBAC with the semantic specification is proposed. Supplying semantic specification by the implementation of semantic inference engine (SIE), the administration for the applicability of users' role memberships to particular permissions is much more easy and precise. The enforcement of the SAAC model for grid application is presented. An experimental evaluation of its overheads is also described.

Bai Wen-yang

2010-01-01

Abstract:The development of modern information technology and digitalization of the daily lives brings security database new challenges. It is necessary for a security database to provide access control and privacy protection mechanism to ensure the legal use of data and to prevent privacy breach. This paper introduced an integrated security model which could provide the functions of privacy protection and access control simultaneously by building the connection between the validity of query in parameterized authorization view model and the suspiciousness of a conjunctive select-project-join query in online query audit model, it also designed a polynomial time detecting algorithm and two incorporating frameworks for the integrated model to provide higher performance and fine-grained access control in modern database systems.

Fuguang Ma,Yong Gao,Menglong Yan,Fuchun Xu,Ding Liu

DOI: https://doi.org/10.1109/GEOINFORMATICS.2010.5567713

2010-01-01

GEOINFORMATICS

Abstract:With the development of the network technologies and GIS, spatial data security is becoming more and more important because of the increasing spatial data sharing and interoperation. At the same time, advanced spatial data acquisition technologies are producing mass high-precision data. Therefore, fine-grained access restrictions to spatial data are seriously demanded. However, the existing data access control technologies are inadequate to meet the security requirement of spatial data, especially in fine-grained access control. In this paper, the fine-grained access control of the spatial data issues is discussed in detail. Then, the mechanism of authorization for the fine-grained access control is introduced. Based on Role-based Access Control (RBAC) model, a fine-grained access control model for spatial data is proposed in the grid environment. Finally, a case study is given to prove the feasibility of the proposed model above.

J. Lin,Y. Fang,W. Zhang,Z. Huang

DOI: https://doi.org/10.1080/17538940902818329

IF: 4.606

2009-01-01

International Journal of Digital Earth

Abstract:In recent years, geographical information systems have been employed in a wide variety of application domains, and as a result many research efforts are being devoted to those upcoming problems. Geospatial data security, especially access control, has attracted increased research interests within the academic community. The tendency towards sharing and interoperability of geospatial data and applications makes it common to acquire and integrate geospatial data from multiple organisations to accomplish a complex task. Meanwhile, many organisations have the requirement for securing access to possessed sensitive or proprietary geospatial data. In this heterogeneous and distributed environment, consistent access control functionality is crucial to promote controlled accessibility. As an extension of general access control mechanisms in the IT domain, the mechanism for geospatial data access control has its own requirements and characteristics of granularity and geospatial logic. In this paper, we address several fundamental aspects concerning the design and implementation of an access control system for geospatial data, including the classification, requirements, authorisation models, storage structures and management approaches for authorisation rules, matching and decision-making algorithms between authorisation rules and access requests, and its policy enforcement mechanisms. This paper also presents a system framework for realising access control functionality for geospatial data, and explain access control procedures in detail.

Junbiao Wang,Jianxin Zhang,Jianjun Jiang,Shichao Zhang

DOI: https://doi.org/10.3969/j.issn.1000-2758.2008.04.005

2008-01-01

Xibei Gongye Daxue Xuebao/Journal of Northwestern Polytechnical University

Abstract:Aim. Existing access control models are, in our opinion, not sufficiently effective. We now propose a novel access control model based on RBAC (Role-Based Access Control), which, we believe, is sufficiently effective. In the full paper, we explain our model in some detail. In this abstract, we just add some pertinent remarks to listing the two topics of explanation. The first topic is: the analysis of RBAC-based access control model. In the first topic, with the help of Fig.1 in the full paper, we explain in some detail how the FICS (Flexible Information Coding System) controls access. The second topic is: the implementation of our novel and effective RBAC-based access control model. Its three subtopics are: the concepts of traditional RBAC model that we utilize (subtopic 2.1), the restrictions we impose on accessing our novel and effective model (subtopic 2.2), and the access assignment strategy of FICS (subtopic 2.3). A large Chinese aircraft manufacturing enterprise has made use of our novel and effective RBAC-based access control model and has gradually widened and continues to widen the scope of its application. How the large enterprise utilizes our novel and effective model are briefly described in Fig.4 and Table 1 in the full paper.

Jie Cui,Xuelian Chen,Jing Zhang,Qingyang Zhang,Hong Zhong

DOI: https://doi.org/10.1109/jiot.2020.3041860

IF: 10.6

2021-05-15

IEEE Internet of Things Journal

Abstract:A connected and autonomous vehicle (CAV) is often fitted with a large number of onboard sensors and applications to support autonomous driving functions. Based on the current research, little work on applications' access to in-vehicle data has been done. Furthermore, most existing autonomous driving operating systems lack authentication and encryption units. As such, applications can excessively obtain confidential information, such as vehicle location and owner preferences and even upload it to the cloud, threatening the security of the vehicle and the privacy of the owner. In this study, we propose a fine-grained access control scheme to restrict applications' access to data in CAVs (FGAC-inCAVs). First, we present a system model composed of the following elements: a trusted third party (TTP), which is a fully trusted authority; perception components like sensors, which can capture the road information (pictures, videos, etc.); and multiple applications. Then, a fast attribute-based encryption (ABE) is presented, and security analysis also shows it is secure against selective and chosen-plaintext attacks. Furthermore, we propose a key update scheme based on the Chinese remainder theorem (CRT). Finally, the theoretical analysis and simulation experiments demonstrate its feasibility and efficiency.

computer science, information systems,telecommunications,engineering, electrical & electronic

YAN He-Ping,WANG Wei,SHI Bai-Le

DOI: https://doi.org/10.1360/jos170750

2006-01-01

Abstract:This paper investigates the inference problems due to functional dependencies (FD) and multi-valued dependencies (MVD) in a multilevel relational database with element classification schemes. The algorithms presented can greatly improve the data availability. To further deal with the indirect privacy violation, the view-based inference control method is proposed which can eliminate the secure problem brought by multi-view collusions. The theories of splitting views into the view dependency basis are the foundation of future work on the view-based inference control.

BAO Zhigang,HU Yanjun,GU Xinjian

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.01.059

2006-01-01

Abstract:Firstly making reference to role based access control(RBAC)model,this paper proposes the basic idea about access control.Then it introduces database design of two realizing methods about access control and two methods’ realization in program,it also presents visual effect.Finally it analyzes and compares one to another in detail from two aspects of applicability and reusability.

Hoang Nguyen Phuoc-Bao,Manuel Clavel

DOI: https://doi.org/10.48550/arXiv.2209.05561

2022-09-13

Abstract:Recently, we have proposed a model-driven approach for enforcing fine-grained access control (FGAC) policies when executing SQL queries. More concretely, we have defined a function SecQuery() that, given an FGAC policy S and a SQL select-statement q, generates a SQL stored-procedure SecQuery(S, q), such that: if a user u with role r is authorised, according to S, to execute q based on the current state of the database, then calling SecQuery(S, q)(u, r) returns the same result as when u executes q; otherwise, if the user u is not authorised, according to S, to execute q based on the current state of the database, then calling SecQuery(S, q)(u, r) signals an error. Not surprisingly, executing the query q takes less time than calling the corresponding stored-procedure SecQuery(S, q). Here we propose a model-based methodology for optimising the stored-procedures generated by the function SecQuery(). The idea is to eliminate authorisation checks in the body of the stored-procedures generated by SecQuery(), when they can be proved to be unnecessary. Based on our previous mapping from the Object Constraint Language (OCL) to many-sorted first-order logic, we can attempt to prove that authorisation checks are unnecessary by using SMT solvers. We include a case study to illustrate and show the applicability of our methodology.

Databases,Cryptography and Security

Jiayuan Lin,Yu Fang,Bin Chen,Lin Wan

DOI: https://doi.org/10.1117/12.815569

2008-01-01

Abstract:The development and application of spatial database ultimately create the demand for spatial information security, and access control is our primary concern. The access control requirements for spatial database contain two special aspects: 1) fine-grained; 2) meeting certain conditions, including spatial and non-spatial. In this paper, we propose a view-based mechanism to implement access control functionalities. We firstly present the authorization model for spatial data. Then we thoroughly discuss the definition of various views and their authorization, and explain the advantages and disadvantages of this model. We also provide a reference framework for the view-based access control system, and the components and control flow are explained. Finally, we use a case study to demonstrate the feasibility and effectiveness of view-based authorization model for securing spatial database access. © 2008 SPIE.

Liang Cai,Xiaohu Yang,Jinxiang Dong

2001-01-01

Abstract:We briefly introduce the special characteristics of database security in information warfare and related researches, then emphasis the importance of antagonizing, malicious DBMS in information warfare. This paper suggests a threat model for malicious DBMS by carefully analyzing the possible security threats by malicious DBMS, then a database security architecture capable of antagonizing the malicious DBMS is proposed based on this threat model and the special requirements of critical applications in China. It can greatly improve the critical application's capability to antagonize malicious DBMS by incorporating, self-controlled authentication, principal / object mapping, transparent attribute encryption / decryption, attribute / tuple level mandatory access control, and parallel structure of multiple DBMSs.

Fangzhou Wu,Ethan Cecchetti,Chaowei Xiao

2024-10-10

Abstract:Large Language Model-based systems (LLM systems) are information and query processing systems that use LLMs to plan operations from natural-language prompts and feed the output of each successive step into the LLM to plan the next. This structure results in powerful tools that can process complex information from diverse sources but raises critical security concerns. Malicious information from any source may be processed by the LLM and can compromise the query processing, resulting in nearly arbitrary misbehavior. To tackle this problem, we present a system-level defense based on the principles of information flow control that we call an f-secure LLM system. An f-secure LLM system disaggregates the components of an LLM system into a context-aware pipeline with dynamically generated structured executable plans, and a security monitor filters out untrusted input into the planning process. This structure prevents compromise while maximizing flexibility. We provide formal models for both existing LLM systems and our f-secure LLM system, allowing analysis of critical security guarantees. We further evaluate case studies and benchmarks showing that f-secure LLM systems provide robust security while preserving functionality and efficiency. Our code is released at <a class="link-external link-https" href="https://github.com/fzwark/Secure_LLM_System" rel="external noopener nofollow">this https URL</a>.

Cryptography and Security

Jihane El Mokhtari,Anas Abou El Kalam,Siham Benhaddou,Jean-Philippe Leroy

DOI: https://doi.org/10.18280/ijsse.110504

2021-10-31

International Journal of Safety and Security Engineering

Abstract:This article is devoted to the topic of coupling access and inference controls into security policies. The coupling of these two mechanisms is necessary to strengthen the protection of the privacy of complex systems users. Although the PrivOrBAC access control model covers several privacy protection requirements, the risk of inferring sensitive data may exist. Indeed, the accumulation of several pieces of data to which access is authorized can create an inference. This work proposes an inference control mechanism implemented through multidimensional analysis. This analysis will take into account several elements such as the history of access to the data that may create an inference, as well as their influence on the inference. The idea is that this mechanism delivers metrics that reflect the level of risk. These measures will be considered in the access control rules and will participate in the refusal or authorization decision with or without obligation. This is how the coupling of access and inference controls will be applied. The implementation of this coupling will be done via the multidimensional OLAP databases which will be requested by the Policy Information Point, the gateway brick of XACML to the various external data sources, which will route the inference measurements to the decision-making point.

Da-Wei Wang,Churn-Jung Liau,Tsan-sheng Hsu,Jeremy K.-P. Chen

DOI: https://doi.org/10.1016/j.ijar.2006.04.002

IF: 4.452

2006-10-01

International Journal of Approximate Reasoning

Abstract:We assume that a database of personal information comprises records of individuals that contain confidential or sensitive fields. Queries about the distribution of a sensitive field within a selected population in the database can be submitted to the data center. However, the answers to the queries may leak confidential information about some individuals, even though no identification information is provided. Inspired by decision theory, we present two quantitative models for privacy protection in such a database query or linkage environment. One models the value of information from the viewpoint of the querier, while the other models the damage caused by and compensation for privacy leakage.In both models, we define the information state by a class of probability distributions on a set of possible confidential values. These states can be modified and refined by the user’s knowledge acquisition behavior. In the first model, the value of information is defined as the expected gain of the querier, and privacy is protected by imposing costs on the answers to the queries to balance any potential gain. In the second model, the safety of information is guaranteed by ensuring that anyone misusing private information must pay more compensation than the value of the possible gain.

computer science, artificial intelligence

Pau-Chen Cheng,Pankaj Rohatgi,Claudia Keser,Paul A. Karger,Grant M. Wagner,Angela Schuett Reninger

DOI: https://doi.org/10.1109/sp.2007.21

2007-05-01

Abstract:This paper presents a new model for, or rather a new way of thinking about adaptive, risk—based access control. Our basic premise is that there is always inherent uncertainty and risk in access control decisions that is best addressed in an explicit way. We illustrate this concept by showing how the rationale of the well—known, Bell—Lapadula model based, Multi-Level Security (MLS) access control model could be used to develop a risk-adaptive access control model. This new model is more like a Fuzzy Logic control system [9] than a traditional access control system and hence the name “Fuzzy MLS”. The long version of this paper is published as an IBM Research Report [3].

YongHong Yu,Wenyang Bai

2010-01-01

Journal of Computational Information Systems

Abstract:Privacy requirements have an increasing impact on the real-world applications. Technical considerations and many significant commercial and legal regulations demand that privacy guarantees be provided whenever sensitive information is stored, processed, or communicated to external partied. In this paper, we propose a solution to enforce data confidentiality, data privacy, user privacy and access control over outsourced database services. The approach starts from a flexible definition of privacy constraints on a relational schema, applies encryption on information in a parsimonious way and mostly relies on attribute partition to protect sensitive information. Based on the approximation algorithm for the minimal encryption attribute partition with quasi-identifier detection, the approach allow storing the outsourced data on a single database server and minimizing the amount of data represented in encrypted format. Meanwhile, by applying cryptographic technology on the auxiliary random server protocol, the approach can solve the problem of private information retrieval to protect data privacy, user privacy and access control on outsourced database services. The theoretical analysis shows that our new model can provide efficient data privacy protection and query processing, efficient in computational complexity and does not increase the cost of communication complexity of user privacy protection and access control. Copyright © 2010 Binary Information Press.

Chen,Weili Han,Jianming Yong

DOI: https://doi.org/10.1109/cscwd.2010.5471991

2010-01-01

Abstract:XACML and its reference implementation can not directly support quantified risk adaptive access control, because there are several special requirements to specify and enforce the policies in risk adaptive access control: the elements in these policies, such as risk, risk level, are not covered; and risk in quantified risk adaptive access control would be mutable, accumulated and required to be continuously controlled. This paper, therefore, extends XACML and its reference implementation to support quantified risk adaptive access control. This paper makes two contributions: design a risk adaptive policy language extended from XACML; and propose a framework to enforce the policies. To the best of our knowledge, this paper is the first research work to discuss this topic.