Protecting Data in Relational Database Management System using Purpose and RoleBased Access Control
Main Article Content
Abstract
Background/Objectives: Privacy is a key requirement in handling personal and sensitive data. The Database Management System (DBMS) stores such kind of data and also provides tools to access and analyze this data.
Methods/Statistical analysis: The Role-Based Access Control (RBAC) regulates the access to resources based on the roles of individual users. Purpose Based Access Control (PuBAC) regulates the access based on the purpose for which data can be accessed. It regulates the execution of queries based on purpose.
Findings: From the result, it is observed that some records accessed by considering the purpose and role-based access control are less than some records accessed by original and purpose based access control query result. The system is more secure than the previous one.
Improvements/Applications: This work can be used in the organizations, government, and private offices academic institutes. It can be extended to support big data and conditional purpose based access control.
Article Details
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
IJCERT Policy:
The published work presented in this paper is licensed under the Creative Commons Attribution 4.0 International (CC BY 4.0) license. This means that the content of this paper can be shared, copied, and redistributed in any medium or format, as long as the original author is properly attributed. Additionally, any derivative works based on this paper must also be licensed under the same terms. This licensing agreement allows for broad dissemination and use of the work while maintaining the author's rights and recognition.
By submitting this paper to IJCERT, the author(s) agree to these licensing terms and confirm that the work is original and does not infringe on any third-party copyright or intellectual property rights.
References
J.Byun and N.Li, “Purpose based access control for privacy protection in a relational database system,†VLDB J., vol.17, no.4, pp. 603–619, 2008.
M.E.Kabir and H.Wang, “Conditional purpose based access control model for privacy protection,†in Proc. 20th Australian Conference Australian Database, 2009, vol.92, pp. 135–142.
P.Colombo and E.Ferrari, “Enforcement of purpose based access control within relational database management systems,†IEEE Transactions Knowledge Data Engineering, vol.26, no.11, pp.2703-2716, Nov 2014.
P.Colombo and E.Ferrari, “Enforcing obligations within relational database management systemsâ€, IEEE Transactions Dependable secure computing, vol.11, no.4, pp.318-331, Jul/Aug 2014.
M. Jafari, P. W. Fong, R. Safavi-Naini, K. Barker, and N. P. Sheppard, “Towards defining Semantic foundations for purpose-based privacy policies,†in Proc. 1st ACM Conf. Data Appl. Security Privacy, 2011, pp. 213-224.
P.Colombo and E.Ferrari, “Efficient enforcement of action-aware purpose-based access control within relational database management systems,†IEEE Transaction Knowledge Data Engineering, vol. 27, no.08, pp. 2134-2147, Aug 2015.
M. Kabir, H. Wang, and E. Bertino, “A role-involved conditional purpose-based access control model,†in E-Government, E-Services and Global Processes, series IFIP Advances in Information and Communication Technology, vol. 334, M. Janssen, W. Lamersdorf, J. Pries-Heje, and M. Rosemann, Eds. Springer, 2010.
V.Nikitha, P.Jhansi , K.Neelima and D.Anusha ,†Data sets preparing for Data mining analysis by SQL Horizontal Aggregation,†International Journal of Computer Engineering In Research Trends.,vol.3,no.9,pp. 225-229,2014.
Neelima Kuderu, Dr. Vijaya Kumari,†Relational Database to NoSQL Conversion by Schema Migration and Mapping ,â€International Journal of Computer Engineering In Research Trends.,vol.3,no.9,pp. 506-513,2016.
Jollu Jayachandrudu,M.Sri lakshmi,Dr.S.Prem Kumar,†Enhanced Independent Access to Encrypted Cloud Databases ,â€International Journal of Computer Engineering In Research Trends.,vol.2,no.9,pp. 589-593,2015.