Granular security in a graph database
Loading...
Authors
Crawford, Brian
Subjects
database security
graph database
granular security
bipartite graph
directed graph
multi-slice graph
graph database
granular security
bipartite graph
directed graph
multi-slice graph
Advisors
Otani, Thomas
Date of Issue
2016-03
Date
Mar-16
Publisher
Monterey, California: Naval Postgraduate School
Language
Abstract
With the growing use of data in all aspects of government and commerce, the need for that data to be both accessible and secure is also growing. One solution to this dual need is provided by Accumulo, a database that allows multiple users of various security levels to access one platform but receive authorization to view only portions of the database. Various databases, however, organize information differently. This thesis examines the possibility of implementing a granular security on a graph database. Using Neo4j as a reference implementation, graph theory concepts are used to find a method of allowing data access while retaining security in a data environment that emphasizes connectivity. Using adjacency matrix multiplication on bipartite graph slices of the network of security layers, a mathematical justification exists for locating two step connections that exit from and return to a security layer. These connections can be revealed to a user without granting access outside of the assigned security layer.
Type
Thesis
Description
Series/Report No
Department
Computer Science
Computer Science
Organization
Identifiers
NPS Report Number
Sponsors
Funder
Format
Citation
Distribution Statement
Approved for public release; distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.