A Security Model for Access Control in Graph-Oriented Databases
Claudia Morgado, Gisele Busichia Baioco, Tânia Basso, Regina L. O. Moraes
2018 IEEE International Conference on Software Quality, Reliability and Security (QRS), published 2018-07-01
DOI: https://doi.org/10.1109/QRS.2018.00027
Citations: 12
Abstract
Nowadays, organizations collect vast amounts of data for future analysis. Motivated by this amount of data and the requirements of Web 2.0, a plethora of non-relational (NoSQL) databases has emerged in recent years. However, several security features of relational databases (e.g., access control) have been left in non-relational management systems to be developed by the application, which can lead to security breaches. This paper proposes a security model, based on the use of metadata, to provide access control for NoSQL graph-oriented database management systems. The goal is to support the development of applications that use graph-oriented databases in preserving the integrity of stored data and protecting it from non-authorized access. A case study was performed as a proof of concept, in which the model was instantiated and implemented for the Neo4j database. Results showed that access restrictions were applied correctly, avoiding unauthorized access. A schema for Neo4j was provided, since it does not have a native one.