TY - GEN
T1 - Privacy-preserving semantic interoperation and access control of heterogeneous databases
AU - Mitra, Prasenjit
AU - Pan, Chi Chun
AU - Liu, Peng
AU - Atluri, Vijayalakshmi
PY - 2006
Y1 - 2006
N2 - Today, many applications require users from one organization to access data belonging to organizations. While traditional solutions offered for the federated and mediated databases facilitate this by sharing metadata, this may not be acceptable for certain organizations due to privacy concerns. In this paper, we propose a novel solution - Privacy-preserving Access Control Toolkit (PACT) - that enables privacy-preserving secure semantic access control and allows sharing of data among heterogeneous databases without having to share metadata. PACT uses encrypted ontologies, encrypted ontology-mapping tables and conversion functions, encrypted role hierarchies and encrypted queries. The encrypted results of queries are sent directly from the responding system to the requesting system, bypassing the mediator to further improve the security of the system. PACT provides semantic access control using ontologies and semantically expanded authorization tables at the mediator. One of the distinguishing features of the PACT is that it requires very little changes to underlying databases. Despite using encrypted queries and encrypted mediation, we demonstrate that PACT provides acceptable performance.
AB - Today, many applications require users from one organization to access data belonging to organizations. While traditional solutions offered for the federated and mediated databases facilitate this by sharing metadata, this may not be acceptable for certain organizations due to privacy concerns. In this paper, we propose a novel solution - Privacy-preserving Access Control Toolkit (PACT) - that enables privacy-preserving secure semantic access control and allows sharing of data among heterogeneous databases without having to share metadata. PACT uses encrypted ontologies, encrypted ontology-mapping tables and conversion functions, encrypted role hierarchies and encrypted queries. The encrypted results of queries are sent directly from the responding system to the requesting system, bypassing the mediator to further improve the security of the system. PACT provides semantic access control using ontologies and semantically expanded authorization tables at the mediator. One of the distinguishing features of the PACT is that it requires very little changes to underlying databases. Despite using encrypted queries and encrypted mediation, we demonstrate that PACT provides acceptable performance.
UR - http://www.scopus.com/inward/record.url?scp=34247379108&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34247379108&partnerID=8YFLogxK
U2 - 10.1145/1128817.1128831
DO - 10.1145/1128817.1128831
M3 - Conference contribution
AN - SCOPUS:34247379108
SN - 1595932720
SN - 9781595932723
T3 - Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS '06
SP - 66
EP - 77
BT - Proceedings of the 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS '06
T2 - 2006 ACM Symposium on Information, Computer and Communications Security, ASIACCS '06
Y2 - 21 March 2007 through 24 March 2007
ER -