FENCE: Continuous access control enforcement in dynamic data stream environments

Abstract

In this paper, we present FENCE framework that addresses the problem of continuous access control enforcement in dynamic data stream environments. The distinguishing characteristics of FENCE include: (1) the stream-centric approach to security, (2) the symmetric modeling of security for both continuous queries and streaming data, and (3) security-aware query processing that considers both regular and security-related selectivities. In FENCE, both data and query security restrictions are modeled in the form of streaming security metadata, called "security punctuations", embedded inside data streams. We have implemented FENCE in a prototype DSMS and briefly summarize our performance observations.

Keywords

FENCE framework, continuous access control, dynamic data stream, stream centric, security, symmetric modeling, security aware query processing

Date of this Version

2010

Comments

2010 IEEE 26th International Conference on Data Engineering (ICDE), Issue Date: 1-6 March 2010 page(s): 940 - 943 Long Beach, CA

Share

COinS