StreamShield: a stream-centric approach towards security and privacy in data stream environments

Proceedings of the 2009 ACM SIGMOD International Conference on Management of data Pub Date : 2009-06-29 DOI:10.1145/1559845.1559972

Rimma V. Nehme, Hyo-Sang Lim, E. Bertino, Elke A. Rundensteiner

{"title":"StreamShield: a stream-centric approach towards security and privacy in data stream environments","authors":"Rimma V. Nehme, Hyo-Sang Lim, E. Bertino, Elke A. Rundensteiner","doi":"10.1145/1559845.1559972","DOIUrl":null,"url":null,"abstract":"We propose to demonstrate the StreamShield, a system designed to address the problem of security and privacy in the context of Data Stream Management Systems (DSMSs). In StreamShield, continuous access control is enforced by taking a novel \"stream-centric\" approach towards security. Security policies are not persistently stored on the server, but rather are depicted by security metadata, called \"security punctuations\", and get embedded into streams together with the data. We distinguish between two types of security punctuations: (1) the \"data security punctuations\" (dsps) describing the data-side security policies, and (2) the \"query security punctuations\" (qsps) representing the query-side security policies. The advantages of such stream-centric security model include flexibility, dynamicity and speed of enforcement. Furthermore, DSMSs can adapt to not only data-related but also to security-related selectivities, which helps reduce the waste of resources, when few subjects have access to streaming data.","PeriodicalId":344093,"journal":{"name":"Proceedings of the 2009 ACM SIGMOD International Conference on Management of data","volume":"41 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-06-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"33","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2009 ACM SIGMOD International Conference on Management of data","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1559845.1559972","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 33

Abstract

We propose to demonstrate the StreamShield, a system designed to address the problem of security and privacy in the context of Data Stream Management Systems (DSMSs). In StreamShield, continuous access control is enforced by taking a novel "stream-centric" approach towards security. Security policies are not persistently stored on the server, but rather are depicted by security metadata, called "security punctuations", and get embedded into streams together with the data. We distinguish between two types of security punctuations: (1) the "data security punctuations" (dsps) describing the data-side security policies, and (2) the "query security punctuations" (qsps) representing the query-side security policies. The advantages of such stream-centric security model include flexibility, dynamicity and speed of enforcement. Furthermore, DSMSs can adapt to not only data-related but also to security-related selectivities, which helps reduce the waste of resources, when few subjects have access to streaming data.

查看原文本刊更多论文

StreamShield:一种在数据流环境中实现安全和隐私的以流为中心的方法

我们建议演示StreamShield，一个旨在解决数据流管理系统(DSMSs)背景下的安全和隐私问题的系统。在StreamShield中，连续访问控制是通过采用一种新颖的“以流为中心”的安全方法来实现的。安全策略不是持久地存储在服务器上，而是由称为“安全标点”的安全元数据描述，并与数据一起嵌入到流中。我们区分两种类型的安全标点:(1)描述数据端安全策略的“数据安全标点”(dsps)，以及(2)代表查询端安全策略的“查询安全标点”(qsps)。这种以流为中心的安全模型的优点包括灵活性、动态性和执行速度。此外，dsm不仅可以适应与数据相关的选择，还可以适应与安全相关的选择，这有助于减少资源浪费，当很少有主题可以访问流数据时。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2009 ACM SIGMOD International Conference on Management of data

自引率

0.00%

发文量