demonstration

StreamShield: a stream-centric approach towards security and privacy in data stream environments

Authors:
Rimma V. Nehme

Purdue University, West Lafayette, IN, USA

Purdue University, West Lafayette, IN, USA
View Profile

,
Hyo-Sang Lim

Purdue University, West Lafayette, IN, USA

Purdue University, West Lafayette, IN, USA
View Profile

,
Elisa Bertino

Purdue University, West Lafayette, IN, USA

Purdue University, West Lafayette, IN, USA
View Profile

,
Elke A. Rundensteiner

Worcester Polytechnic Institute, Worcester, MA, USA

Worcester Polytechnic Institute, Worcester, MA, USA
View Profile

SIGMOD '09: Proceedings of the 2009 ACM SIGMOD International Conference on Management of dataJune 2009Pages 1027–1030https://doi.org/10.1145/1559845.1559972

Published:29 June 2009Publication History

SIGMOD '09: Proceedings of the 2009 ACM SIGMOD International Conference on Management of data

Pages 1027–1030

ABSTRACT

We propose to demonstrate the StreamShield, a system designed to address the problem of security and privacy in the context of Data Stream Management Systems (DSMSs). In StreamShield, continuous access control is enforced by taking a novel "stream-centric" approach towards security. Security policies are not persistently stored on the server, but rather are depicted by security metadata, called "security punctuations", and get embedded into streams together with the data. We distinguish between two types of security punctuations: (1) the "data security punctuations" (dsps) describing the data-side security policies, and (2) the "query security punctuations" (qsps) representing the query-side security policies. The advantages of such stream-centric security model include flexibility, dynamicity and speed of enforcement. Furthermore, DSMSs can adapt to not only data-related but also to security-related selectivities, which helps reduce the waste of resources, when few subjects have access to streaming data.

References

A. Deshpande et.al. Adaptive query processing. Found. Trends databases, 1(1), 2007. Google ScholarDigital Library
M. A. Bishop. The Art and Science of Computer Security. Addison-Wesley Longman Publishing Co., Inc., 2002. Google ScholarDigital Library
Bright Kite. http://brightkite.com/.Google Scholar
Distributed Stream Integration. http://www.cis.upenn.edu/ zives/stream--integration/.Google Scholar
R.Nehme et.al. A security punctuation framework for enforcing access control on streaming data. In ICDE, pages 406--415, 2008. Google ScholarDigital Library
R.Sandhu et.al. The nist model for role-based access control: towards a unified standard. In RBAC, pages 47--63, 2000. Google ScholarDigital Library
T. Sutherland et.al. D-cape: distributed and self-tuned continuous query processing. In CIKM, pages 217--218, 2005. Google ScholarDigital Library

Index Terms

StreamShield: a stream-centric approach towards security and privacy in data stream environments
1. Information systems
  1. Data management systems
    1. Database management system engines

Recommendations

Demo: Attribute-Stream-Based Access Control (ASBAC) with the Streaming Attribute Policy Language (SAPL)
SACMAT '21: Proceedings of the 26th ACM Symposium on Access Control Models and Technologies

Traditional Attribute-Based Access Control (ABAC) implementations are based on a request-response protocol resulting in one decision for one authorization request. In stateful, session-based applications this may lead to polling the policy decision ...
Read More
Data Streams with Bounded Deletions
PODS '18: Proceedings of the 37th ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems

Two prevalent models in the data stream literature are the insertion-only and turnstile models. Unfortunately, many important streaming problems require a Θ(log(n)) multiplicative factor more space for turnstile streams than for insertion-only streams. ...
Read More
Summarizing spatial data streams using ClusterHulls

We consider the following problem: given an on-line, possibly unbounded stream of two-dimensional (2D) points, how can we summarize its spatial distribution or shape using a small, bounded amount of memory? We propose a novel scheme, called ClusterHull, ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SIGMOD '09: Proceedings of the 2009 ACM SIGMOD International Conference on Management of data
June 2009
1168 pages
ISBN:9781605585512
DOI:10.1145/1559845
Editors:
Carsten Binnig,
Benoit Dageville,
General Chairs:
Uğur Çetintemel
Brown University, USA
,
Stan Zdonik
Brown University, USA
,
Program Chair:
Donald Kossmann
ETH Zurich, Switzerland
Copyright © 2009 Copyright is held by the owner/author(s)
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 29 June 2009
Check for updates
Author Tags
access control
data streams
security punctuations
Qualifiers
- demonstration
Conference

Acceptance Rates
Overall Acceptance Rate785of4,003submissions,20%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 25
  Total Citations
  View Citations
- 608
  Total Downloads
- Downloads (Last 12 months)6
- Downloads (Last 6 weeks)2
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

StreamShield: a stream-centric approach towards security and privacy in data stream environments

SIGMOD '09: Proceedings of the 2009 ACM SIGMOD International Conference on Management of data

ABSTRACT

References

Cited By

Index Terms

Recommendations

Demo: Attribute-Stream-Based Access Control (ASBAC) with the Streaming Attribute Policy Language (SAPL)

Data Streams with Bounded Deletions

Summarizing spatial data streams using ClusterHulls

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

StreamShield: a stream-centric approach towards security and privacy in data stream environments

SIGMOD '09: Proceedings of the 2009 ACM SIGMOD International Conference on Management of data

ABSTRACT

References

Cited By

Index Terms

Recommendations

Demo: Attribute-Stream-Based Access Control (ASBAC) with the Streaming Attribute Policy Language (SAPL)

Data Streams with Bounded Deletions

Summarizing spatial data streams using ClusterHulls

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media