Bringing Access Control Tree to Big Data

  • Francesco Di CerboEmail author
  • Marco Rosa
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11263)


Big data architectures bring advantages in terms of analytics performances and data storage. However the scarce availability of highly expressive declarative mechanisms for access control limits certain business and technical possibilities. This paper reports on the extension and adaptation of Access Control Tree to support effective decision making processes especially in evaluating multiple data policies for large data sets. An initial evaluation is also presented to evaluate the applicability of the extensions to big data use cases.


Access control Big data Access control tree 



This work was partly supported by EU-funded H2020 project C3ISP [grant no. 700294].


  1. 1.
    Ayeb, N., Di Cerbo, F., Trabelsi, S.: Enhancing access control trees for cloud computing. In: Casteleyn, S., Dolog, P., Pautasso, C. (eds.) ICWE 2016. LNCS, vol. 9881, pp. 29–38. Springer, Cham (2016). Scholar
  2. 2.
    Bacis, E., De Capitani di Vimercati, S., Foresti, S., Paraboschi, S., Rosa, M., Samarati, P.: Access control management for secure cloud storage. In: Deng, R., Weng, J., Ren, K., Yegneswaran, V. (eds.) SecureComm 2016. LNICSSITE, vol. 198, pp. 353–372. Springer, Cham (2017). Scholar
  3. 3.
    De Capitani di Vimercati, S., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Over-encryption: management of access control evolution on outsourced data. In: Proceedings of the 33rd International Conference on Very Large Data Bases (VLDB 2007), Vienna, Austria, pp. 123–134, September 2007Google Scholar
  4. 4.
    Marz, N., Warren, J.: Big Data: Principles and Best Practices of Scalable Real-Time Data Systems. Manning Publications Co., New York (2015)Google Scholar
  5. 5.
    OASIS Committee Draft: XACML v3.0 multiple decision profile (2010). Accessed 10 July 2018
  6. 6.
    OASIS Standard: Extensible Access Control Markup Language (XACML) Version 3.0 (2013–2017). Accessed 10 July 2018
  7. 7.
    Trabelsi, S., Ecuyer, A., Cervera y Alvarez, P., Di Cerbo, F.: Optimizing access control performance for the cloud. In: Proceedings of the 4th International Conference on Cloud Computing and Services Science (CLOSER 2014), Barcelona, Spain, pp. 551–558, April 2014Google Scholar
  8. 8.
    Yang, K., Han, Q., Li, H., Zheng, K., Su, Z., Shen, X.: An efficient and fine-grained big data access control scheme with privacy-preserving policy. IEEE Internet of Things J. 4(2), 563–571 (2017)CrossRefGoogle Scholar
  9. 9.
    Yang, K., Jia, X., Ren, K.: Secure and verifiable policy update outsourcing for big data access control in the cloud. IEEE Trans. Parallel Distrib. Syst. 26(12), 3461–3470 (2015)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.SAP Security ResearchSophia AntipolisFrance
  2. 2.Università degli Studi di BergamoBergamoItaly

Personalised recommendations