Modern web applications serve large amounts of sensitive user data, access to which is typically governed by data-access policies. Enforcing such policies is crucial to preventing …
M Guarnieri, D Basin - Proceedings of the VLDB Endowment, 2014 - dl.acm.org
Security-Aware Query Processing is the problem of computing answers to queries in the presence of access control policies. We present general impossibility results for the …
M Guarnieri, S Marinovic… - 2016 IEEE European …, 2016 - ieeexplore.ieee.org
Existing SQL access control mechanisms are extremely limited. Attackers can leak information and escalate their privileges using advanced database features such as views …
A Cortesi, R Halder - Distributed Computing and Internet Technology: 9th …, 2013 - Springer
In this paper, we extend recent works on concrete and abstract semantics of structured query languages by considering recursive queries too. We show that combining abstraction of data …
The barrier to entry of deploying applications in datacenter environments has been greatly reduced over the last decade. With the advent of cloud computing, application developers …
The aim of this thesis is to extend the Abstract Interpretation framework to the broader context of Information Systems. In particular, we address issues related to security …
Databases often store and manage sensitive data. Regulating the access to databases is, therefore, essential. To this end, database security researchers have developed both access …
In this paper, we propose an observation-based fine grained access control (OFGAC) mechanism where data are made accessible at various levels of abstractions according to …
A Cortesi, R Halder - INTERNATIONAL JOURNAL OF COMPUTER …, 2013 - iris.unive.it
In this paper, we propose an observation-based fine grained access control (OFGAC) mechanism where data are made accessible at various levels of abstractions according to …