English
Related papers

Related papers: DePLOI: Applying NL2SQL to Synthesize and Audit Da…

200 papers

Optimizing the physical data storage and retrieval of data are two key database management problems. In this paper, we propose a language that can express a wide range of physical database layouts, going well beyond the row- and…

Programming Languages · Computer Science 2020-02-07 John K. Feser , Samuel Madden , Nan Tang , Armando Solar-Lezama

Access control is fundamental to computer security, and has thus been the subject of extensive formal study. In particular, *relative expressiveness analysis* techniques have used formal mappings called *simulations* to explore whether one…

Cryptography and Security · Computer Science 2015-05-05 William C. Garrison , Adam J. Lee

Enterprises commonly deploy heterogeneous database systems, each of which owns a distinct SQL dialect with different syntax rules, built-in functions, and execution constraints. However, most existing NL2SQL methods assume a single dialect…

Databases · Computer Science 2026-03-10 Xiang Zhang , Hongming Xu , Le Zhou , Wei Zhou , Xuanhe Zhou , Guoliang Li , Yuyu Luo , Changdong Liu , Guorun Chen , Jiang Liao , Fan Wu

Role-Based Access Control (RBAC) is a popular authorization model used to manage data-access constraints in a wide range of systems. RBAC usually defines the static view on the access rights. However, to ensure dependability of a system, it…

Software Engineering · Computer Science 2018-05-16 Inna Vistbakka , Elena Troubitsyna

To design a discretionary access control policy, a technique is proposed that uses the principle of analogies and is based on both the properties of objects and the properties of subjects. As attributes characterizing these properties, the…

Cryptography and Security · Computer Science 2019-05-22 S. V. Belim , N. F. Bogachenko , A. N. Kabanov

This paper considers the problem of decentralized analysis and control synthesis to verify and ensure properties like stability and dissipativity of a large-scale networked system comprised of linear subsystems interconnected in an…

Systems and Control · Electrical Eng. & Systems 2022-09-05 Shirantha Welikala , Hai Lin , Panos Antsaklis

Data-intensive applications exhibit increasing reliance on Database Management Systems (DBMSs, for short). With the growing cyber-security threats to government and commercial infrastructures, the need to develop high resilient cyber…

Cryptography and Security · Computer Science 2018-10-09 Muhamad Felemban , Yahya Javeed , Jason Kobes , Thamir Qadah , Arif Ghafoor , Walid Aref

Attribute-based access control (ABAC) provides a high level of flexibility that promotes security and information sharing. ABAC policy mining algorithms have potential to significantly reduce the cost of migration to ABAC, by partially…

Cryptography and Security · Computer Science 2018-02-14 Zhongyuan Xu , Scott D. Stoller

The existence of errors or inconsistencies in the configuration of security components, such as filtering routers and/or firewalls, may lead to weak access control policies -- potentially easy to be evaded by unauthorized parties. We…

Cryptography and Security · Computer Science 2008-12-18 Joaquin Garcia-Alfaro , Frederic Cuppens , Nora Cuppens-Boulahia

In recent years we have seen significant advances in the technology used to both publish and consume Linked Data. However, in order to support the next generation of ebusiness applications on top of interlinked machine readable data…

Databases · Computer Science 2021-01-01 Sabrina Kirrane , Alessandra Mileo , Axel Polleres , Stefan Decker

Auditing provides an essential security control in computer systems, by keeping track of all access attempts, including both legitimate and illegal access attempts. This phase can be useful to the context of audits, where eventual…

Cryptography and Security · Computer Science 2020-06-09 Sara Rouhani , Rafael Belchior , Rui S. Cruz , Ralph Deters

Authoring access control policies is challenging and prone to misconfigurations. Access control policies must be conflict-free. Hence, administrators should identify discrepancies between policy specifications and their intended function to…

Cryptography and Security · Computer Science 2023-03-30 Antonios Gouglidis , Anna Kagia , Vincent C. Hu

Modern web applications serve large amounts of sensitive user data, access to which is typically governed by data-access policies. Enforcing such policies is crucial to preventing improper data access, and prior work has proposed many…

Databases · Computer Science 2022-06-02 Wen Zhang , Eric Sheng , Michael Chang , Aurojit Panda , Mooly Sagiv , Scott Shenker

Two-phase locking (2PL) is a consolidated policy commonly adopted by Database Management Systems to enforce serializability of a schedule. While the policy is well understood, both in its standard and in the strict version, automatically…

Databases · Computer Science 2025-01-14 Davide Martinenghi

Traditional access control systems, including RBAC, face significant limitations such as inflexible role definitions, difficulty handling dynamic scenarios, and lack of detailed accountability and traceability. To this end, we introduce the…

Cryptography and Security · Computer Science 2026-02-17 Sharif Noor Zisad , Ragib Hasan

Traditional authorization policies are user-centric, in the sense that authorization is defined, ultimately, in terms of user identities. We believe that this user-centric approach is inappropriate for many applications, and that what…

Cryptography and Security · Computer Science 2014-06-20 Jason Crampton , James Sellwood

Testing a database application is a challenging process where both the database and the user interaction have to be considered in the design of test cases. This paper describes a specification-based approach to guide the design of test…

Software Engineering · Computer Science 2023-04-26 Raquel Blanco , Javier Tuya , Ruben V. Seco

Recent data protection and data governance regulations have intensified the demand for interoperable, decentralized data ecosystems that can support not only access control but also legally-aligned governance over data use. Existing…

Emerging Technologies · Computer Science 2026-01-27 Wout Slabbinck , Wouter Termont , Ruben Dedecker , Beatriz Esteves

The emergence of Large Language Models (LLMs) has significantly advanced solutions across various domains, from political science to software development. However, these models are constrained by their training data, which is static and…

Artificial Intelligence · Computer Science 2025-09-16 Aadil Gani Ganie

Prose2Policy (P2P) is a LLM-based practical tool that translates natural-language access control policies (NLACPs) into executable Rego code (the policy language of Open Policy Agent, OPA). It provides a modular, end-to-end pipeline that…

Artificial Intelligence · Computer Science 2026-03-18 Vatsal Gupta , Darshan Sreenivasamurthy