An ontology-based secure design framework for graph-based databases

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE Computer Standards & Interfaces Pub Date : 2023-10-20 DOI:10.1016/j.csi.2023.103801

Manuel Paneque , María del Mar Roldán-García , Carlos Blanco , Alejandro Maté , David G. Rosado , Juan Trujillo

{"title":"An ontology-based secure design framework for graph-based databases","authors":"Manuel Paneque , María del Mar Roldán-García , Carlos Blanco , Alejandro Maté , David G. Rosado , Juan Trujillo","doi":"10.1016/j.csi.2023.103801","DOIUrl":null,"url":null,"abstract":"<div><p>Graph-based databases are concerned with performance and flexibility. Most of the existing approaches used to design secure NoSQL databases are limited to the final implementation stage, and do not involve the design of security and access control issues at higher abstraction levels. Ensuring security and access control for Graph-based databases is difficult, as each approach differs significantly depending on the technology employed. In this paper, we propose the first technology-ascetic framework with which to design secure Graph-based databases. Our proposal raises the abstraction level by using ontologies to simultaneously model database and security requirements together. This is supported by the TITAN framework, which facilitates the way in which both aspects are dealt with. The great advantages of our approach are, therefore, that it: allows database designers to focus on the simultaneous protection of security and data while ignoring the implementation details; facilitates the secure design and rapid migration of security rules by deriving specific security measures for each underlying technology, and enables database designers to employ ontology reasoning in order to verify whether the security rules are consistent. We show the applicability of our proposal by applying it to a case study based on a hospital data access control.</p></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":null,"pages":null},"PeriodicalIF":4.1000,"publicationDate":"2023-10-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S092054892300082X/pdfft?md5=0a9a1f4b56146a84734ebd49473c7240&pid=1-s2.0-S092054892300082X-main.pdf","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Standards & Interfaces","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S092054892300082X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Graph-based databases are concerned with performance and flexibility. Most of the existing approaches used to design secure NoSQL databases are limited to the final implementation stage, and do not involve the design of security and access control issues at higher abstraction levels. Ensuring security and access control for Graph-based databases is difficult, as each approach differs significantly depending on the technology employed. In this paper, we propose the first technology-ascetic framework with which to design secure Graph-based databases. Our proposal raises the abstraction level by using ontologies to simultaneously model database and security requirements together. This is supported by the TITAN framework, which facilitates the way in which both aspects are dealt with. The great advantages of our approach are, therefore, that it: allows database designers to focus on the simultaneous protection of security and data while ignoring the implementation details; facilitates the secure design and rapid migration of security rules by deriving specific security measures for each underlying technology, and enables database designers to employ ontology reasoning in order to verify whether the security rules are consistent. We show the applicability of our proposal by applying it to a case study based on a hospital data access control.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于本体的基于图的数据库安全设计框架

基于图的数据库关注的是性能和灵活性。大多数用于设计安全NoSQL数据库的现有方法都局限于最后的实现阶段，并且不涉及更高抽象级别的安全性和访问控制问题的设计。确保基于图的数据库的安全性和访问控制是很困难的，因为根据所采用的技术，每种方法都有很大的不同。在本文中，我们提出了第一个技术禁欲框架，用于设计安全的基于图的数据库。我们的建议通过使用本体同时对数据库和安全需求进行建模，从而提高了抽象级别。TITAN框架支持这一点，它简化了处理这两个方面的方式。因此，我们的方法的巨大优势在于:允许数据库设计人员同时关注安全和数据的保护，而忽略实现细节;通过为每一种底层技术推导具体的安全措施，促进安全规则的安全设计和快速迁移，并使数据库设计人员能够使用本体推理来验证安全规则是否一致。我们通过将建议应用于基于医院数据访问控制的案例研究来展示其适用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Computer Standards & Interfaces 工程技术-计算机：软件工程

CiteScore

11.90

自引率

16.00%

发文量

审稿时长

6 months

期刊介绍： The quality of software, well-defined interfaces (hardware and software), the process of digitalisation, and accepted standards in these fields are essential for building and exploiting complex computing, communication, multimedia and measuring systems. Standards can simplify the design and construction of individual hardware and software components and help to ensure satisfactory interworking. Computer Standards & Interfaces is an international journal dealing specifically with these topics. The journal • Provides information about activities and progress on the definition of computer standards, software quality, interfaces and methods, at national, European and international levels • Publishes critical comments on standards and standards activities • Disseminates user''s experiences and case studies in the application and exploitation of established or emerging standards, interfaces and methods • Offers a forum for discussion on actual projects, standards, interfaces and methods by recognised experts • Stimulates relevant research by providing a specialised refereed medium.