Claudia Morgado, Gisele Busichia Baioco, Tânia Basso, Regina L. O. Moraes
{"title":"面向图数据库访问控制的安全模型","authors":"Claudia Morgado, Gisele Busichia Baioco, Tânia Basso, Regina L. O. Moraes","doi":"10.1109/QRS.2018.00027","DOIUrl":null,"url":null,"abstract":"Nowadays, organizations collect vast amounts of data for future analysis. Motivated by this amount of data and requirements of Web2.0, a plethora of non-relational databases (NoSQL) emerged in recent years. However, several security features in relational databases (e.g., access control) have been left in non-relational management systems to be developed by the application, which can raise security breaches. This paper proposes a security model, based on the use of metadata, to provide access control for NoSQL graph-oriented database management system. The goal is to support the development of applications that use graph-oriented database in preserving the integrity of stored data and protect them from non-authorized access. A case study was performed as proof of concept, where the model was instantiated and implemented for Neo4j database. Results showed that access restrictions were applied correctly, avoiding unauthorized access. A schema for Neo4j was provided, once it does not have a native one.","PeriodicalId":114973,"journal":{"name":"2018 IEEE International Conference on Software Quality, Reliability and Security (QRS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":"{\"title\":\"A Security Model for Access Control in Graph-Oriented Databases\",\"authors\":\"Claudia Morgado, Gisele Busichia Baioco, Tânia Basso, Regina L. O. Moraes\",\"doi\":\"10.1109/QRS.2018.00027\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Nowadays, organizations collect vast amounts of data for future analysis. Motivated by this amount of data and requirements of Web2.0, a plethora of non-relational databases (NoSQL) emerged in recent years. However, several security features in relational databases (e.g., access control) have been left in non-relational management systems to be developed by the application, which can raise security breaches. This paper proposes a security model, based on the use of metadata, to provide access control for NoSQL graph-oriented database management system. The goal is to support the development of applications that use graph-oriented database in preserving the integrity of stored data and protect them from non-authorized access. A case study was performed as proof of concept, where the model was instantiated and implemented for Neo4j database. Results showed that access restrictions were applied correctly, avoiding unauthorized access. A schema for Neo4j was provided, once it does not have a native one.\",\"PeriodicalId\":114973,\"journal\":{\"name\":\"2018 IEEE International Conference on Software Quality, Reliability and Security (QRS)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"12\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE International Conference on Software Quality, Reliability and Security (QRS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/QRS.2018.00027\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE International Conference on Software Quality, Reliability and Security (QRS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QRS.2018.00027","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Security Model for Access Control in Graph-Oriented Databases
Nowadays, organizations collect vast amounts of data for future analysis. Motivated by this amount of data and requirements of Web2.0, a plethora of non-relational databases (NoSQL) emerged in recent years. However, several security features in relational databases (e.g., access control) have been left in non-relational management systems to be developed by the application, which can raise security breaches. This paper proposes a security model, based on the use of metadata, to provide access control for NoSQL graph-oriented database management system. The goal is to support the development of applications that use graph-oriented database in preserving the integrity of stored data and protect them from non-authorized access. A case study was performed as proof of concept, where the model was instantiated and implemented for Neo4j database. Results showed that access restrictions were applied correctly, avoiding unauthorized access. A schema for Neo4j was provided, once it does not have a native one.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
