Skip to main content
SpringerLink
Log in

Protecting Personal Data with Various Granularities: A Logic-Based Access Control Approach

  • Conference paper
Computational Intelligence and Security (CIS 2005)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 3802))

Included in the following conference series:

Abstract

In this paper, we present a rule-based approach to fine-grained data-dependent access control for database systems. Authorization rules in this framework are described in a logical language that allows us to specify policies systematically and easily. The language expresses authorization rules based on the values, types, and semantics of data elements common to the relational data model. We demonstrate the applicability of our approach by describing several data-dependent policies using an example drawn from a medical information system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Anderson, R.J.: A Security Policy Model for Clinical Information Systems. In: Proc. IEEE Symp. on Security and Privacy, pp. 30–45 (1996)

    Google Scholar 

  2. Bertino, E., Jajodia, S., Samarati, P.: Supporting Multiple Access Control Policies in Data-base Systems. In: Proc. IEEE Symp. on Security and Privacy, pp. 94–108 (1996)

    Google Scholar 

  3. Griffiths, P.P., Wade, B.W.: An Authorization Mechanism for a Relational Database System. ACM Transactions on Database Systems 1(3), 242–255 (1976)

    Article  Google Scholar 

  4. Jajodia, S., Samarati, P., Subrahmanian, V.S., Bertino, E.: A Unified Framework for Enforcing Multiple Access Control Policies. In: Proc. ACM SIGMOD, pp. 474–485 (1997)

    Google Scholar 

  5. Rizvi, S., Mendelzon, A.O., Sudarshan, S., Roy, P.: Extending Query Rewriting Techniques for Fine-Grained Access Control. In: Proc. ACM SIGMOD, Paris, France, pp. 551–562 (2004)

    Google Scholar 

  6. Rosenthal, A., Winslett, M.: Security of Shared Data in Large Systems: State of the Art and Research Directions. In: Proc. of ACM SIGMOD, pp. 962–964 (2004)

    Google Scholar 

  7. Ullman, J.: Principles of Database and Knowledge-Base Systems, vol. 1&2. Computer Science Press (1988)

    Google Scholar 

  8. Yu, T.: Fine-grained Access Control. In: Fall Privacy Place Workshop Proceedings, http://theprivacyplace.org/Workshops/fall_2004.html

  9. Zhang, L., Ahn, G., Chu, B.: A Role-Based Delegation Framework for Healthcare Information Systems. In: Proc. ACM SACMAT, pp. 125–134 (2002)

    Google Scholar 

  10. The Virtual Private Database in Oracle9ir2: An Oracle Technical White Paper (2002), http://www.oracle.com/technology/deploy/security/oracle9ir2/pdf/VPD9ir2twp.pdf

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, Faculty of Engineering, Gunma University, 1-5-1 Tenjin-cho, Kiryu, Gunma, 376-8515, Japan

    Bat-Odon Purevjii, Masayoshi Aritsugi, Sayaka Imai & Yoshinari Kanamori

  2. School of Electrical Engineering & Computer Science, Oregon State University, Corvallis, OR, 97331, USA

    Cherri M. Pancake

Authors
  1. Bat-Odon Purevjii
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Masayoshi Aritsugi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sayaka Imai
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yoshinari Kanamori
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Cherri M. Pancake
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Microelectronic Instiute, Xidian University, 710071, Xi’an, China

    Yue Hao

  2. Department of Computer Science, Hong Kong Baptist University, Kowloon Tong, Hong Kong

    Jiming Liu

  3. School of Computer Science and Technology, Xidian University, Xi’an, China

    Yu-Ping Wang

  4. Department of Computer Science, Hong Kong Baptist University, Hong Kong,  

    Yiu-ming Cheung

  5. School of Electrical and Electronic Engineering, University of Manchester, UK

    Hujun Yin

  6. Life Science Research Center, School of Electronic Engineering, Xidian University, 710071, Xi’an, Shaanxi, China

    Licheng Jiao

  7. Key Laboratory of Computer Networks and Information Security(Ministry of Education), Xidian University, 710071, Xi’an, China

    Jianfeng Ma

  8. National Laboratory of Antennas and Microwave Technology, Xidian University, 710071, Xi’an, Shanxi, P.R. China

    Yong-Chang Jiao

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Purevjii, BO., Aritsugi, M., Imai, S., Kanamori, Y., Pancake, C.M. (2005). Protecting Personal Data with Various Granularities: A Logic-Based Access Control Approach. In: Hao, Y., et al. Computational Intelligence and Security. CIS 2005. Lecture Notes in Computer Science(), vol 3802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11596981_81

Download citation

  • DOI: https://doi.org/10.1007/11596981_81

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-30819-5

  • Online ISBN: 978-3-540-31598-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation