An ontology-based secure design framework for graph-based databases
Por favor, use este identificador para citar o enlazar este ítem:
http://hdl.handle.net/10045/138149
Título: | An ontology-based secure design framework for graph-based databases |
---|---|
Autor/es: | Paneque, Manuel | Roldán-García, María del Mar | Blanco Bueno, Carlos | Maté, Alejandro | Rosado, David G. | Trujillo, Juan |
Grupo/s de investigación o GITE: | Lucentia |
Centro, Departamento o Servicio: | Universidad de Alicante. Departamento de Lenguajes y Sistemas Informáticos |
Palabras clave: | Ontology | Security | Reasoning | Knowledge extraction | Healthcare |
Fecha de publicación: | 20-oct-2023 |
Editor: | Elsevier |
Cita bibliográfica: | Computer Standards & Interfaces. 2024, 88: 103801. https://doi.org/10.1016/j.csi.2023.103801 |
Resumen: | Graph-based databases are concerned with performance and flexibility. Most of the existing approaches used to design secure NoSQL databases are limited to the final implementation stage, and do not involve the design of security and access control issues at higher abstraction levels. Ensuring security and access control for Graph-based databases is difficult, as each approach differs significantly depending on the technology employed. In this paper, we propose the first technology-ascetic framework with which to design secure Graph-based databases. Our proposal raises the abstraction level by using ontologies to simultaneously model database and security requirements together. This is supported by the TITAN framework, which facilitates the way in which both aspects are dealt with. The great advantages of our approach are, therefore, that it: allows database designers to focus on the simultaneous protection of security and data while ignoring the implementation details; facilitates the secure design and rapid migration of security rules by deriving specific security measures for each underlying technology, and enables database designers to employ ontology reasoning in order to verify whether the security rules are consistent. We show the applicability of our proposal by applying it to a case study based on a hospital data access control. |
Patrocinador/es: | This work has been developed within the AETHER-UA (PID2020-112540RB-C43), AETHER-UMA (PID2020-112540RB-C41) and AETHER-UCLM (PID2020-112540RB-C42), ALBA (TED2021-130355B-C31, TED2021-130355B-C33), PRESECREL (PID2021-124502OB-C42) projects funded by the “Ministerio de Ciencia e Innovación”, Andalusian PAIDI program with grant (P18-RT-2799) and the BALLADER Project (PROMETEO/2021/088) funded by the “Consellería de Innovación, Universidades, Ciencia Sociedad Digital”, Generalitat Valenciana. |
URI: | http://hdl.handle.net/10045/138149 |
ISSN: | 0920-5489 (Print) | 1872-7018 (Online) |
DOI: | 10.1016/j.csi.2023.103801 |
Idioma: | eng |
Tipo: | info:eu-repo/semantics/article |
Derechos: | © 2023 The Author(s). Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). |
Revisión científica: | si |
Versión del editor: | https://doi.org/10.1016/j.csi.2023.103801 |
Aparece en las colecciones: | INV - LUCENTIA - Artículos de Revistas |
Archivos en este ítem:
Archivo | Descripción | Tamaño | Formato | |
---|---|---|---|---|
Paneque_etal_2023_ComputStandInterf.pdf | 2,94 MB | Adobe PDF | Abrir Vista previa | |
Todos los documentos en RUA están protegidos por derechos de autor. Algunos derechos reservados.