We present a simple, yet powerful, approach for the specification and enforcement of authorizations regulating data release among data holders collaborating in a distributed computation, to ensure that query processing discloses only data whose release has been explicitly authorized. Data disclosure is captured by means of profiles, associated with each data computation, that describe the information carried by the result. We also present an algorithm that, given a query plan, determines whether it can be safely executed and produces a safe execution strategy. The main advantage of our approach is its simplicity that, without impacting expressiveness, makes it nicely interoperable with current solutions for collaborative computations in distributed database systems.
Controlled information sharing in collaborative distributed query processing / S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, P. Samarati - In: The 28. International conference on distributed computing systems : ICDCS '08 : 17-20 june 2008, Beijing, China : proceedings / [a cura di] [s.n.]. - Los Alamitos : Institute of electrical and electronics engineers, 2008. - ISBN 9780769531724. - pp. 303-310 (( Intervento presentato al 28. convegno International Conference on Distributed Computing Systems (ICDCS) tenutosi a Beijing, China nel 2008.
Controlled information sharing in collaborative distributed query processing
S. De Capitani di VimercatiPrimo
;S. ForestiSecondo
;P. SamaratiUltimo
2008
Abstract
We present a simple, yet powerful, approach for the specification and enforcement of authorizations regulating data release among data holders collaborating in a distributed computation, to ensure that query processing discloses only data whose release has been explicitly authorized. Data disclosure is captured by means of profiles, associated with each data computation, that describe the information carried by the result. We also present an algorithm that, given a query plan, determines whether it can be safely executed and produces a safe execution strategy. The main advantage of our approach is its simplicity that, without impacting expressiveness, makes it nicely interoperable with current solutions for collaborative computations in distributed database systems.Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.