Cryptographically Enforced Role-Based Access Control for NoSQL Distributed Databases - Data and Applications Security and Privacy XXXI
Conference Papers Year : 2017

Cryptographically Enforced Role-Based Access Control for NoSQL Distributed Databases

Yossif Shalabi
  • Function : Author
  • PersonId : 1026611
Ehud Gudes
  • Function : Author
  • PersonId : 978093

Abstract

The support for Role-Based Access Control (RBAC) using cryptography for NOSQL distributed databases is investigated. Cassandra is a NoSQL DBMS that efficiently supports very large databases, but provides rather simple security measures (an agent having physical access to a Cassandra cluster is usually assumed to have access to all data therein). Support for RBAC had been added almost as an afterthought, with the Node Coordinator having to mediate all requests to read and write data, in order to ensure that only the requests allowed by the Access Control Policy (ACP) are allowed through.In this paper, we propose a model and protocols for cryptographic enforcement of an ACP in a cassandra like system, which would ease the load on the Node Coordinator, thereby taking the bottleneck out of the existing security implementation. We allow any client to read the data from any storage node(s) – provided that only the clients whom the ACP grants access to a datum, would hold the encryption keys that enable these clients to decrypt the data.
Fichier principal
Vignette du fichier
453481_1_En_1_Chapter.pdf (345.93 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01684347 , version 1 (15-01-2018)

Licence

Identifiers

Cite

Yossif Shalabi, Ehud Gudes. Cryptographically Enforced Role-Based Access Control for NoSQL Distributed Databases. 31th IFIP Annual Conference on Data and Applications Security and Privacy (DBSEC), Jul 2017, Philadelphia, PA, United States. pp.3-19, ⟨10.1007/978-3-319-61176-1_1⟩. ⟨hal-01684347⟩
165 View
120 Download

Altmetric

Share

More