Attribute-Based Content Redaction in Large-Scale Data Systems: A Study of Granular Access Control
Typ
Examensarbete för masterexamen
Program
Computer systems and networks (MPCSN), MSc
Publicerad
2022
Författare
Andersson, Jimmy
Aguilar Aguilar, Claudio
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
Data privacy has become significantly more important over the past years, leading
to new laws and regulations that citizens and organizations must abide by. As a
consequence, keeping data from being exposed to the wrong audience is no longer
just an interest of the individual - it is also a legal requirement on companies that
collect and store sensitive information. Different geographical regions may also enforce
different data privacy laws, making matters even more complex for organizations
that operate on a global scale. On top of the regulatory aspects, internal
information security policies may specify that some subsets of data must be shared
differently depending on security classifications and who requests it. This master’s
thesis project conducts a Design Science Research study aiming to combine two
existing techniques – attribute-based access control and redaction. The goal is to
evaluate whether the resulting component is a viable approach to granular access
control in request-response type APIs that expose sensitive data to a global audience.
The study produces a Proof-of-Concept implementation as an artifact, which
is evaluated and compared to the type of role-based RESTful APIs commonly used
in industry today.
Beskrivning
Ämne/nyckelord
Access Control , Large-Scale Data , Computer Science , Data Engineering , Redaction , Attribute-Based Access Control