Collaborative access control in WebdamLog

Vera Zaychik Moffitt, Julia Stoyanovich, Serge Abiteboul, Gerome Miklau

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    The management of Web users' personal information is increasingly distributed across a broad array of applications and systems, including online social networks and cloudbased services. Users wish to share data using these systems, but avoiding the risks of unintended disclosures or unauthorized access by applications has become a major challenge. We propose a novel access control model that operates within a distributed data management framework based on datalog. Using this model, users can control access to data they own and control applications they run. They can conveniently specify access control policies providing flexible tuple-level control derived using provenance information. We present a formal specification of the model, an implementation built using an open-source distributed datalog engine, and an extensive experimental evaluation showing that the computational cost of access control is modest.

    Original languageEnglish (US)
    Title of host publicationSIGMOD 2015 - Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data
    PublisherAssociation for Computing Machinery
    Pages197-211
    Number of pages15
    Volume2015-May
    ISBN (Electronic)9781450327589
    DOIs
    StatePublished - May 27 2015
    EventACM SIGMOD International Conference on Management of Data, SIGMOD 2015 - Melbourne, Australia
    Duration: May 31 2015Jun 4 2015

    Other

    OtherACM SIGMOD International Conference on Management of Data, SIGMOD 2015
    CountryAustralia
    CityMelbourne
    Period5/31/156/4/15

    Fingerprint

    Access control
    Online systems
    Level control
    Information management
    Engines
    Costs

    ASJC Scopus subject areas

    • Software
    • Information Systems

    Cite this

    Moffitt, V. Z., Stoyanovich, J., Abiteboul, S., & Miklau, G. (2015). Collaborative access control in WebdamLog. In SIGMOD 2015 - Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data (Vol. 2015-May, pp. 197-211). Association for Computing Machinery. https://doi.org/10.1145/2723372.2749433

    Collaborative access control in WebdamLog. / Moffitt, Vera Zaychik; Stoyanovich, Julia; Abiteboul, Serge; Miklau, Gerome.

    SIGMOD 2015 - Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data. Vol. 2015-May Association for Computing Machinery, 2015. p. 197-211.

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Moffitt, VZ, Stoyanovich, J, Abiteboul, S & Miklau, G 2015, Collaborative access control in WebdamLog. in SIGMOD 2015 - Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data. vol. 2015-May, Association for Computing Machinery, pp. 197-211, ACM SIGMOD International Conference on Management of Data, SIGMOD 2015, Melbourne, Australia, 5/31/15. https://doi.org/10.1145/2723372.2749433
    Moffitt VZ, Stoyanovich J, Abiteboul S, Miklau G. Collaborative access control in WebdamLog. In SIGMOD 2015 - Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data. Vol. 2015-May. Association for Computing Machinery. 2015. p. 197-211 https://doi.org/10.1145/2723372.2749433
    Moffitt, Vera Zaychik ; Stoyanovich, Julia ; Abiteboul, Serge ; Miklau, Gerome. / Collaborative access control in WebdamLog. SIGMOD 2015 - Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data. Vol. 2015-May Association for Computing Machinery, 2015. pp. 197-211
    @inproceedings{8a5eab27ff1740acb3bbf78115572857,
    title = "Collaborative access control in WebdamLog",
    abstract = "The management of Web users' personal information is increasingly distributed across a broad array of applications and systems, including online social networks and cloudbased services. Users wish to share data using these systems, but avoiding the risks of unintended disclosures or unauthorized access by applications has become a major challenge. We propose a novel access control model that operates within a distributed data management framework based on datalog. Using this model, users can control access to data they own and control applications they run. They can conveniently specify access control policies providing flexible tuple-level control derived using provenance information. We present a formal specification of the model, an implementation built using an open-source distributed datalog engine, and an extensive experimental evaluation showing that the computational cost of access control is modest.",
    author = "Moffitt, {Vera Zaychik} and Julia Stoyanovich and Serge Abiteboul and Gerome Miklau",
    year = "2015",
    month = "5",
    day = "27",
    doi = "10.1145/2723372.2749433",
    language = "English (US)",
    volume = "2015-May",
    pages = "197--211",
    booktitle = "SIGMOD 2015 - Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data",
    publisher = "Association for Computing Machinery",

    }

    TY - GEN

    T1 - Collaborative access control in WebdamLog

    AU - Moffitt, Vera Zaychik

    AU - Stoyanovich, Julia

    AU - Abiteboul, Serge

    AU - Miklau, Gerome

    PY - 2015/5/27

    Y1 - 2015/5/27

    N2 - The management of Web users' personal information is increasingly distributed across a broad array of applications and systems, including online social networks and cloudbased services. Users wish to share data using these systems, but avoiding the risks of unintended disclosures or unauthorized access by applications has become a major challenge. We propose a novel access control model that operates within a distributed data management framework based on datalog. Using this model, users can control access to data they own and control applications they run. They can conveniently specify access control policies providing flexible tuple-level control derived using provenance information. We present a formal specification of the model, an implementation built using an open-source distributed datalog engine, and an extensive experimental evaluation showing that the computational cost of access control is modest.

    AB - The management of Web users' personal information is increasingly distributed across a broad array of applications and systems, including online social networks and cloudbased services. Users wish to share data using these systems, but avoiding the risks of unintended disclosures or unauthorized access by applications has become a major challenge. We propose a novel access control model that operates within a distributed data management framework based on datalog. Using this model, users can control access to data they own and control applications they run. They can conveniently specify access control policies providing flexible tuple-level control derived using provenance information. We present a formal specification of the model, an implementation built using an open-source distributed datalog engine, and an extensive experimental evaluation showing that the computational cost of access control is modest.

    UR - http://www.scopus.com/inward/record.url?scp=84944628025&partnerID=8YFLogxK

    UR - http://www.scopus.com/inward/citedby.url?scp=84944628025&partnerID=8YFLogxK

    U2 - 10.1145/2723372.2749433

    DO - 10.1145/2723372.2749433

    M3 - Conference contribution

    VL - 2015-May

    SP - 197

    EP - 211

    BT - SIGMOD 2015 - Proceedings of the 2015 ACM SIGMOD International Conference on Management of Data

    PB - Association for Computing Machinery

    ER -