DOI: 10.1145/1128817.1128831

Privacy-preserving semantic interoperation and access control of heterogeneous databases

Published: 21 March 2006

Abstract

Today, many applications require users from one organization to access data belonging to other organizations. Traditional solutions for federated and mediated databases facilitate this by sharing metadata, which may not be acceptable to certain organizations because of privacy concerns. In this paper, we propose a novel solution, the Privacy-preserving Access Control Toolkit (PACT), that enables privacy-preserving secure semantic access control and allows sharing of data among heterogeneous databases without having to share metadata. PACT uses encrypted ontologies, encrypted ontology-mapping tables and conversion functions, encrypted role hierarchies and encrypted queries. The encrypted results of queries are sent directly from the responding system to the requesting system, bypassing the mediator to further improve the security of the system. PACT provides semantic access control using ontologies and semantically expanded authorization tables at the mediator. One of the distinguishing features of PACT is that it requires very few changes to the underlying databases. Despite using encrypted queries and encrypted mediation, we demonstrate that PACT provides acceptable performance.


Published In

ASIACCS '06: Proceedings of the 2006 ACM Symposium on Information, computer and communications security
March 2006
384 pages
ISBN:1595932720
DOI:10.1145/1128817
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Qualifiers

  • Article

Conference

Asia CCS06

Acceptance Rates

Overall Acceptance Rate 418 of 2,322 submissions, 18%

Article Metrics

  • Downloads (Last 12 months)4
  • Downloads (Last 6 weeks)1
Reflects downloads up to 04 Oct 2024

Cited By

  • (2021) Agent-Based Semantic Role Mining for Intelligent Access Control in Multi-Domain Collaborative Applications of Smart Cities. Sensors 21:13 (4253). DOI: 10.3390/s21134253. Online publication date: 22-Jun-2021
  • (2019) Semantic Mediation for A Posteriori Log Analysis. Proceedings of the 14th International Conference on Availability, Reliability and Security (1-10). DOI: 10.1145/3339252.3340104. Online publication date: 26-Aug-2019
  • (2017) A survey of privacy preserving data integration. 2017 International Conference on Electrical, Electronics, Communication, Computer, and Optimization Techniques (ICEECCOT) (59-70). DOI: 10.1109/ICEECCOT.2017.8284559. Online publication date: Dec-2017
  • (2016) Biometric Recognition in Automated Border Control. ACM Computing Surveys 49:2 (1-39). DOI: 10.1145/2933241. Online publication date: 30-Jun-2016
  • (2016) Privacy Issues in Web Services: An Ontology Based Solution. Procedia Computer Science 92 (461-467). DOI: 10.1016/j.procs.2016.07.368. Online publication date: 2016
  • (2016) The mediator authorization-security model for heterogeneous semantic knowledge bases. Future Generation Computer Systems 55:C (227-237). DOI: 10.1016/j.future.2015.03.004. Online publication date: 1-Feb-2016
  • (2014) A scheme for privacy-preserving ontology mapping. Proceedings of the 18th International Database Engineering & Applications Symposium (87-95). DOI: 10.1145/2628194.2628232. Online publication date: 7-Jul-2014
  • (2014) Leveraging Semantic Web Technologies for Access Control. Emerging Trends in ICT Security (493-506). DOI: 10.1016/B978-0-12-411474-6.00030-X. Online publication date: 2014
  • (2014) A Dialectical Approach to Selectively Reusing Ontological Correspondences. Knowledge Engineering and Knowledge Management (397-412). DOI: 10.1007/978-3-319-13704-9_31. Online publication date: 2014
  • (2011) An ontology-based approach for occupational health. Proceedings of the 15th WSEAS international conference on Computers (381-386). DOI: 10.5555/2028299.2028371. Online publication date: 15-Jul-2011
