Access control by query rewriting: the case of KorAP
نویسندگان
چکیده
We present an approach to an aspect of managing complex access scenarios to large and heterogeneous corpora that involves handling user queries that, intentionally or due to the complexity of the queried resource, target texts or annotations outside of the given user’s permissions. We first outline the overall architecture of the corpus analysis platform KorAP, devoting some attention to the way in which it handles multiple query languages, by implementing ISO CQLF (Corpus Query Lingua Franca), which in turn constitutes a component crucial for the functionality discussed here. Next, we look at query rewriting as it is used by KorAP and zoom in on one kind of this procedure, namely the rewriting of queries that is forced by data access restrictions.†
منابع مشابه
Query Rewriting over Generalized XML Security Views
We investigate the experimental effectiveness of XML security views. Our model consists of access control policies specified over DTDs with XPath expression for datadependent access control policies. We provide the notion of security views for characterizing information accessible to authorized users. This is a transformed (sanitized) DTD schema that is used by users for query formulation. To a...
متن کاملRewriting of SPARQL/Update Queries for Securing Data Access
Several access control models for database management systems (DBMS) only consider how to manage select queries and then assume that similar mechanism would apply to update queries. However they do not take into account that updating data may possibly disclose some other sensitive data whose access would be forbidden through select queries. This is typically the case of current relational DBMS ...
متن کاملKorAP Architecture ― Diving in the Deep Sea of Corpus Data
KorAP is a corpus search and analysis platform, developed at the Institute for the German Language (IDS). It supports very large corpora with multiple annotation layers, multiple query languages, and complex licensing scenarios. KorAP’s design aims to be scalable, flexible, and sustainable to serve the German Reference Corpus DEREKO for at least the next decade. To meet these requirements, we h...
متن کاملA Dynamic Query-Rewriting Mechanism for Role-Based Access Control in Databases
Although Role-Based Access Control (RBAC) is a common security model currently, it has not been systematically applied in databases. In this paper, we propose a framework that enforces RBAC based on dynamic query rewriting. This framework grants privileges to data based on an intersection of roles, database structures, content, and privileges. All of this is implemented at the database level, w...
متن کاملQuery-Based Access Control for Ontologies
Role-based access control is a standard mechanism in information systems. Based on the role a user has, certain information is kept from the user even if requested. For ontologies representing knowledge, deciding what can be told to a user without revealing secrets is more difficult as the user might be able to infer secret knowledge using logical reasoning. In this paper, we present two approa...
متن کامل