Abstract
A recent proposal for database access control consists of defining “authorization views” that specify the accessible data, and declaring a query valid if it can be completely rewritten using the views. Unlike traditional work in query rewriting using views, the rewritten query needs to be equivalent to the original query only over the set of database states that agree with a given set of materializations for the authorization views. With this motivation, we study conditional query containment, i.e. , containment over states that agree on a set of materialized views. We give an algorithm to test conditional containment of conjunctive queries with respect to a set of materialized conjunctive views. We show the problem is \({\it \Pi}^{p}_{2}\)-complete. Based on the algorithm, we give a test for a query to be conditionally authorized given a set of materialized authorization views.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abiteboul, S., Duschka, O.: Complexity of answering queries using materialized views. In: Proc. ACM PODS, pp. 254–263 (1998)
Aho, A., Sagiv, Y., Ullman, J.D.: Equivalence of relational expressions. SIAM Journal of Computing 2(8), 218–246 (1979)
Calvanese, D., Giuseppe, D.G., Lenzerini, M., Vardi, M.Y.: Lossless regular views. In: Proc. ACM PODS, pp. 247–258 (2002)
Chandra, A.K., Merlin, P.M.: Optimal implementations of conjunctive queries in relational databases. In: Proc. STOC, pp. 77–90 (1977)
Chaudhuri, S., Krishnamurthy, R., Potamianos, S., Shim, K.: Optimizing queries with materialized views. In: Proc. ICDE, pp. 190–200 (1995)
Deutsch, A., Tannen, V.: Reformulation of xml queries and constraints. In: Proc. ICDT, pp. 225–241 (2003)
Grahne, G., Mendelzon, A.: Tableau techniques for querying information sources through global schema. In: Proc. ICDT, pp. 332–347 (1999)
Klug, A.: On conjunctive queries containing inequalities. Journal of the Association for Computing Machinery 35(1), 146–160 (1998)
Lenzerini, M.: Data integration: a theoretical perspective. In: Proc. ACM PODS, pp. 233–246 (2002)
Levy, A., Mendelzon, A., Sagiv, Y., Srivastava, D.: Answering queries using views. In: Proc. ACM PODS, pp. 95–104 (1995)
Levy, A., Rajaraman, A., Ordille, J.J.: Querying heterogeneous information sources using source descriptions. In: Proc. VLDB, pp. 251–262 (1996)
Millstein, T., Levy, A., Friedman, M.: Query containment for data integration systems. Journal of Computer and System Sciences, 67–75 (2002)
Motro, A.: An access authorization model for relational databases based on algebraic manipulation of view definitions. In: Proc. ICDE, pp. 339–347 (1989)
Rizvi, S., Mendelzon, A., Sudarshan, S., Roy, P.: Extending query rewriting techniques for fine-grained access control. In: Proc. ACM SIGMOD, pp. 551–562 (2004)
Rosenthal, A., Sciore, E.: View security as the basis for data warehouse security. In: Intl. Workshop on Design and Management of Data Warehouses (2000)
Rosenthal, A., Sciore, E., Doshi, V.: Security administration for federations, warehouses, and other derived data. In: IFIP WG11.3 Conf. on Database Security (1999)
Sagiv, Y., Yannakakis, M.: Equivalence among relational expressions with the union and difference operations. Journal of the ACM 27(4), 633–655 (1980)
van der Meyden, R.: The complexity of querying indefinite data about linearly ordered domains (extended version). In: Proc. ACM PODS, pp. 331–345 (1992)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, Z., Mendelzon, A.O. (2004). Authorization Views and Conditional Query Containment. In: Eiter, T., Libkin, L. (eds) Database Theory - ICDT 2005. ICDT 2005. Lecture Notes in Computer Science, vol 3363. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30570-5_18
Download citation
DOI: https://doi.org/10.1007/978-3-540-30570-5_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24288-8
Online ISBN: 978-3-540-30570-5
eBook Packages: Computer ScienceComputer Science (R0)