English
Related papers

Related papers: DePLOI: Applying NL2SQL to Synthesize and Audit Da…

200 papers

Least privilege is a core security principle: grant each request only the minimum access needed to achieve its goal. Deployed language models almost never follow it, instead being exposed through a single API endpoint that serves all users…

Cryptography and Security · Computer Science 2026-03-05 Paulius Rauba , Dominykas Seputis , Patrikas Vanagas , Mihaela van der Schaar

In general, deep learning models use to make informed decisions immensely. Developed models are mainly based on centralized servers, which face several issues, including transparency, traceability, reliability, security, and privacy. In…

Cryptography and Security · Computer Science 2023-03-28 Asma Jodeiri Akbarfam , Sina Barazandeh , Hoda Maleki , Deepti Gupta

Role-Based Access Control (RBAC) struggles to adapt to dynamic enterprise environments with documents that contain information that cannot be disclosed to specific user groups. As these documents are used by LLM-driven systems (e.g., in…

Cryptography and Security · Computer Science 2025-12-24 Michele Lorenzo , Idilio Drago , Dario Salvadori , Fabio Romolo Vayr

Existing SQL access control mechanisms are extremely limited. Attackers can leak information and escalate their privileges using advanced database features such as views, triggers, and integrity constraints. This is not merely a problem of…

Cryptography and Security · Computer Science 2016-11-18 Marco Guarnieri , Srdjan Marinovic , David Basin

In large databases, creating user interface for browsing or performing insertion, deletion or modification of data is very costly in terms of programming. In addition, each modification of an access control policy causes many potential and…

Cryptography and Security · Computer Science 2015-06-01 Kambiz Ghazinour , Mehdi Ghayoumi

Attribute-based access control (ABAC) promises a powerful way of formalizing access policies in support of a wide range of access management scenarios. Efficient implementation of ABAC in its general form is still a challenge, especially…

Cryptography and Security · Computer Science 2019-09-24 Hadi Ahmadi , Derek Small

The deployment of Large Language Model (LLM)-generated SQL queries in Artificial Intelligence of Things (AIoT) systems introduces critical security risks, as prompt injection attacks can manipulate LLMs into producing unauthorized queries…

Cryptography and Security · Computer Science 2026-05-08 Wonbae Kim , Hee-Kyong Yoo

An authorisation has been recognised as an important security measure for preventing unauthorised access to critical resources, such as devices and data, within the Internet of Things (IoT) networks. Existing authorisation methods for the…

Cryptography and Security · Computer Science 2022-08-16 Khizar Hameed , Ali Raza , Saurabh Garg , Muhammad Bilal Amin

In the Internet of Things (IoT) domain, devices need a platform to transact seamlessly without a trusted intermediary. Although Distributed Ledger Technologies (DLTs) could provide such a platform, blockchains, such as Bitcoin, were not…

Networking and Internet Architecture · Computer Science 2021-07-15 Andrew Cullen , Pietro Ferraro , William Sanders , Luigi Vigneri , Robert Shorten

Organizations often lay down rules or guidelines called Natural Language Access Control Policies (NLACPs) for specifying who gets access to which information and when. However, these cannot be directly used in a target access control model…

Cryptography and Security · Computer Science 2025-02-19 Pratik Sonune , Ritwik Rai , Shamik Sural , Vijayalakshmi Atluri , Ashish Kundu

With the rapid advances in computing and information technologies, traditional access control models have become inadequate in terms of capturing fine-grained, and expressive security requirements of newly emerging applications. An…

Cryptography and Security · Computer Science 2021-02-02 Leila Karimi , Maryam Aldairi , James Joshi , Mai Abdelhakim

Current approaches of enforcing FGAC in Database Management Systems (DBMS) do not scale in scenarios when the number of policies are in the order of thousands. This paper identifies such a use case in the context of emerging smart spaces…

Databases · Computer Science 2020-06-19 Primal Pappachan , Roberto Yus , Sharad Mehrotra , Johann-Christoph Freytag

In enterprise settings, organizational data is segregated, siloed and carefully protected by elaborate access control frameworks. These access control structures can completely break down if an LLM fine-tuned on the siloed data serves…

Cryptography and Security · Computer Science 2025-10-06 Bargav Jayaraman , Virendra J. Marathe , Hamid Mozaffari , William F. Shen , Krishnaram Kenthapadi

Distributed Autoepistemic Logic with Inductive Definitions (dAEL(ID)) is a recently proposed non-monotonic logic for says-based access control. We define a query-driven decision procedure for dAEL(ID) that is implemented in the…

Logic in Computer Science · Computer Science 2019-10-10 Diego Agustín Ambrossio , Marcos Cramer

Automated management requires decomposing high-level user requests, such as intents, to an abstraction that the system can understand and execute. This is challenging because even a simple intent requires performing a number of ordered…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-02-16 Kristina Dzeparoska , Jieyu Lin , Ali Tizghadam , Alberto Leon-Garcia

The Internet of Things (IoT) necessitates robust access control mechanisms to secure a vast array of interconnected devices. Most of the existing IoT systems in practice use centralized solutions. We identify the problems in such solutions…

Distributed, Parallel, and Cluster Computing · Computer Science 2024-05-27 Yongtao Huang , I-Ling Yen , Farokh Bastani

Growing privacy regulations and internal governance mandates are driving demand for fine-grained, context-sensitive access control in data management systems. Among competing approaches, content-based access control -- where access…

Databases · Computer Science 2026-04-20 Ahana Pradhan , Srinivas Karthik , Imtiyazuddin Shaik , Srinivas Vivek

Many languages and algebras have been proposed in recent years for the specification of authorization policies. For some proposals, such as XACML, the main motivation is to address real-world requirements, typically by providing a complex…

Cryptography and Security · Computer Science 2011-11-28 Jason Crampton , Charles Morisset

Proliferation of systems that generate enormous amounts of data and operate in real time has led researchers to rethink the current organization of the cloud. Many proposed solutions consist of a number of small data centers in the vicinity…

Cryptography and Security · Computer Science 2024-10-29 Tamara Ranković , Miloš Simić , Milan Stojkov , Goran Sladić

Access control is an important component for web services such as a cloud. Current clouds tend to design the access control mechanism together with the policy language on their own. It leads to two issues: (i) a cloud user has to learn…

Cryptography and Security · Computer Science 2019-03-26 Yang Luo , Qingni Shen , Zhonghai Wu