Fine-Grained Mandatory Query Access Control Model and Its Efficient Realization for Spatial Vector Data
Author:
Affiliation:

  • Article
  • | |
  • Metrics
  • |
  • Reference [11]
  • |
  • Related [20]
  • |
  • Cited by [2]
  • | |
  • Comments
    Abstract:

    To protect the spatial vector data, which is often in an irregular shape and distributed throughout multiple sensitive areas, the traditional mandatory access control model is extended and explained in this paper. This paper also proposes a fine-grained spatial mandatory query access control model?SV_MAC (spatial vector data mandatory access control model). Also, an AR+ spatial index tree technique is advanced, which combines the search of both spatial data and access control policies together to efficiently enforce the SV_MAC model in the course of spatial vector data searching. Experiment results shows that AR+ tree can not only provide fine-grained security protection for sensitive spatial vector data, but can also guarantee good user experience for GIS (geography information system) applications.

    Reference
    [1] OGC reference model (ORM). 2003. http://www.opengeospatial.org/standards/orm#_Toc87953568
    [2] Cui TJ. Principles of Geospatial Databases. Beijing: Science Press, 2007 (in Chinese).
    [3] Bell DE, LaPadula LJ. Secure computer system: Unified exposition and multics interpretation. Technical Report, MTR-2997 Rev.1, Bedford: The MITRE Corporation, 1976.
    [4] Zhang MB, Lu F, Shen PW, Cheng CX. The evolvement and progress of R-tree family. Chinese Journal of Computers, 2005,28(3): 289?300 (in Chinese with English abstract).
    [5] Guo W, Guo J, Hu ZY. Spatial Database Indexing Techniques. Shanghai: Shanghai Jiaotong University Press, 2006 (in Chinese).
    [6] Chun SA, Atluri V. Protecting privacy from continuous high-resolution satellite surveillance. In: Thuraisingham BM, van de Riet RP, Dittrich KR, Tari Z, eds. Proc. of the IFIP TC11/WG11.3 14th Annual Working Conf. on Data and Applications Security. Catalonia: Springer-Verlag, 2000. 233?244. [doi: 10.1007/0-306-47008-X_21]
    [7] Atluri V, Chun SA. An authorization model for geospatial data. IEEE Trans. on Dependable and Secure Computing, 2004,4(1): 238?254. [doi: 10.1109/TDSC.2004.32]
    [8] Belussi A, Bertino E, Catania B, Damiani ML, Nucita A. An authorization model for geographical maps. In: Cruz IF, Pfoser D, eds. Proc. of the 12th ACM Int’l Workshop on Geographic Information Systems (ACM-GIS). Washington: ACM Press, 2004. 82?91. [doi: 10.1145/1032222.1032236]
    [9] Atluri V, Mazzoleni P. A uniform indexing scheme for geo-spatial data and authorizations. In: Gudes E, Shenoi S, eds. Proc. of the IFIP TC11/WG11.3 16th Conf. on Data and Application Security. Catalonia: Springer-Verlag, 2003. 207?218.
    [10] Atluri V, Guo Q. STAR-TREE: An index structure for efficient evaluation of spatiotemporal authorizations. In: Farkas C, Samarati P, eds. Proc. of the IFIP TC11/WG 11.3 18th Annual Conf. on Data and Applications Security. Catalonia: Springer-Verlag, 2004. 31?47. [doi: 10.1007/1-4020-8128-6_3]
    [11] Atluri V, Shin H, Vaidya J. Efficient security policy enforcement for the mobile environment. Journal of Computer Security, 2008, 16(4):439?475.
    Comments
    Comments
    分享到微博
    Submit
Get Citation

张妍,陈驰,冯登国.空间矢量数据细粒度强制查询访问控制模型及其高效实现.软件学报,2011,22(8):1872-1883

Copy
Share
Article Metrics
  • Abstract:5100
  • PDF: 6292
  • HTML: 0
  • Cited by: 0
History
  • Received:November 11,2009
  • Revised:April 14,2010
You are the first2049976Visitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063