Effectively and Efficiently Selecting Access Control Rules on Materialized Views over Relational Databases

A novel framework for effectively and efficiently selecting fine-grained access control rules from a target relational database to the set of materialized views defined on such a database is presented and experimentally assessed in this paper, along with the main algorithm implementing the focal selection task, called VSP-Bucket. The proposed security framework introduces a number of research innovations, ranging from a novel Datalog-based syntax, and related semantics, aimed at modeling and expressing access control rules over relational databases to algorithm VSP-Bucket itself, which is a meaningful adaptation of a well-know view-based query re-writing algorithm for query optimization purposes. Our framework exposes a high flexibility, due to the fact it allows several classes of access control rules to be expressed and handled on top of large relational databases, and, at the same, it introduces high effectiveness and efficiency, as demonstrated by our comprehensive experimental evaluation and analysis of performance and scalability of algorithm VSP-Bucket.