StreamFilter: a framework for distributed processing of range queries over streaming data with fine-grained access control

作     者：Safaee, Shahab Mirabi, Meghdad Safaei, Ali Asghar 

作者机构：Islamic Azad Univ Fac Engn Dept Comp Engn South Tehran Branch Tehran Iran Tech Univ Darmstadt Fac Comp Sci Darmstadt Germany Tarbiat Modares Univ Fac Med Sci Dept Med Informat Tehran Iran 

出 版 物：《CLUSTER COMPUTING-THE JOURNAL OF NETWORKS SOFTWARE TOOLS AND APPLICATIONS》 (簇计算)

年 卷 期：2024年第27卷第7期

页      面：9221-9241页

核心收录：

学科分类：07[理学] 0703[理学-化学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

主　　题：Access control B plus tree index Distributed query processing Map-reduce programming model Range query Streaming data 

摘      要：Access control is a fundamental component of any data management system, ensuring the prevention of unauthorized data access. Within the realm of data streams, it plays a crucial role in query processing by facilitating authorized access to them. This paper introduces the StreamFilter framework, which focuses on securely processing queries with range filters over streaming data. Leveraging the Role-Based Access Control model, the StreamFilter framework enables the specification of fine-grained access policies at various levels of granularity, such as tuples and attributes, through the utilization of a bit string structure. To enhance the search operation during data stream query processing, the framework employs a distributed indexing method, constructing a set of smaller B + Tree indices rather than a single large B + Tree index. Furthermore, it seamlessly integrates access authorization evaluation with query processing, efficiently filtering unauthorized parts from the query results. The experimental results demonstrate an approximately 50% increase in efficiency for processing queries with range filters compared to the post-filtering strategy. This improvement is observed across all types of data distribution, including uniform, skew, and hyper skew.