Skip to main content
SpringerLink
Log in

Authorization Views and Conditional Query Containment

  • Conference paper
Database Theory - ICDT 2005 (ICDT 2005)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 3363))

Included in the following conference series:

Abstract

A recent proposal for database access control consists of defining “authorization views” that specify the accessible data, and declaring a query valid if it can be completely rewritten using the views. Unlike traditional work in query rewriting using views, the rewritten query needs to be equivalent to the original query only over the set of database states that agree with a given set of materializations for the authorization views. With this motivation, we study conditional query containment, i.e. , containment over states that agree on a set of materialized views. We give an algorithm to test conditional containment of conjunctive queries with respect to a set of materialized conjunctive views. We show the problem is \({\it \Pi}^{p}_{2}\)-complete. Based on the algorithm, we give a test for a query to be conditionally authorized given a set of materialized authorization views.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abiteboul, S., Duschka, O.: Complexity of answering queries using materialized views. In: Proc. ACM PODS, pp. 254–263 (1998)

    Google Scholar 

  2. Aho, A., Sagiv, Y., Ullman, J.D.: Equivalence of relational expressions. SIAM Journal of Computing 2(8), 218–246 (1979)

    Article  MathSciNet  Google Scholar 

  3. Calvanese, D., Giuseppe, D.G., Lenzerini, M., Vardi, M.Y.: Lossless regular views. In: Proc. ACM PODS, pp. 247–258 (2002)

    Google Scholar 

  4. Chandra, A.K., Merlin, P.M.: Optimal implementations of conjunctive queries in relational databases. In: Proc. STOC, pp. 77–90 (1977)

    Google Scholar 

  5. Chaudhuri, S., Krishnamurthy, R., Potamianos, S., Shim, K.: Optimizing queries with materialized views. In: Proc. ICDE, pp. 190–200 (1995)

    Google Scholar 

  6. Deutsch, A., Tannen, V.: Reformulation of xml queries and constraints. In: Proc. ICDT, pp. 225–241 (2003)

    Google Scholar 

  7. Grahne, G., Mendelzon, A.: Tableau techniques for querying information sources through global schema. In: Proc. ICDT, pp. 332–347 (1999)

    Google Scholar 

  8. Klug, A.: On conjunctive queries containing inequalities. Journal of the Association for Computing Machinery 35(1), 146–160 (1998)

    MathSciNet  Google Scholar 

  9. Lenzerini, M.: Data integration: a theoretical perspective. In: Proc. ACM PODS, pp. 233–246 (2002)

    Google Scholar 

  10. Levy, A., Mendelzon, A., Sagiv, Y., Srivastava, D.: Answering queries using views. In: Proc. ACM PODS, pp. 95–104 (1995)

    Google Scholar 

  11. Levy, A., Rajaraman, A., Ordille, J.J.: Querying heterogeneous information sources using source descriptions. In: Proc. VLDB, pp. 251–262 (1996)

    Google Scholar 

  12. Millstein, T., Levy, A., Friedman, M.: Query containment for data integration systems. Journal of Computer and System Sciences, 67–75 (2002)

    Google Scholar 

  13. Motro, A.: An access authorization model for relational databases based on algebraic manipulation of view definitions. In: Proc. ICDE, pp. 339–347 (1989)

    Google Scholar 

  14. Rizvi, S., Mendelzon, A., Sudarshan, S., Roy, P.: Extending query rewriting techniques for fine-grained access control. In: Proc. ACM SIGMOD, pp. 551–562 (2004)

    Google Scholar 

  15. Rosenthal, A., Sciore, E.: View security as the basis for data warehouse security. In: Intl. Workshop on Design and Management of Data Warehouses (2000)

    Google Scholar 

  16. Rosenthal, A., Sciore, E., Doshi, V.: Security administration for federations, warehouses, and other derived data. In: IFIP WG11.3 Conf. on Database Security (1999)

    Google Scholar 

  17. Sagiv, Y., Yannakakis, M.: Equivalence among relational expressions with the union and difference operations. Journal of the ACM 27(4), 633–655 (1980)

    Article  MATH  MathSciNet  Google Scholar 

  18. van der Meyden, R.: The complexity of querying indefinite data about linearly ordered domains (extended version). In: Proc. ACM PODS, pp. 331–345 (1992)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Toronto,  

    Zheng Zhang & Alberto O. Mendelzon

Authors
  1. Zheng Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alberto O. Mendelzon
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institut für Informationssysteme, Technische Universität Wien, Favoritenstraße 9-11, A-1040, Vienna, Austria

    Thomas Eiter

  2. School of Informatics, University of Edinburgh,  

    Leonid Libkin

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhang, Z., Mendelzon, A.O. (2004). Authorization Views and Conditional Query Containment. In: Eiter, T., Libkin, L. (eds) Database Theory - ICDT 2005. ICDT 2005. Lecture Notes in Computer Science, vol 3363. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30570-5_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30570-5_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-24288-8

  • Online ISBN: 978-3-540-30570-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation