Data protection according to sensitivity and classification has become a mandatory security mechanism for safety- and security-critical organizations. There is however no consensus on how to implement data sensitivity and classification in existing big-data systems. An approach is proposed to express and compute data sensitivity and multidimensional data classification in fine granularity. The approach is based on a declarative logic programming language, which is able to separate security requirement definitions and deduction from implementation details. Expressing and validating the security rules can be done transparently, ignoring underlying technical migrations and infrastructure differences. It is therefore possible to use the same set of security rules among various big data systems. Compared to other logic-programming-based approach, the declarative nature also makes it preferable for modular development and system maintenance. Sensitivity specification is shown and security analysis including conflict detection and resolution is performed on the same platform. Several typical types of data classification have also been illustrated and analyzed. The approach is capable of expressing complex classification methods, including classification with multiple parameters, classification according to graph computation, and classification based on relations among multiple data objects. The logic programming-based method is shown to have more expressive power and better complexity performance than conventional methods.
Published in | International Journal of Information and Communication Sciences (Volume 6, Issue 3) |
DOI | 10.11648/j.ijics.20210603.12 |
Page(s) | 62-65 |
Creative Commons |
This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited. |
Copyright |
Copyright © The Author(s), 2021. Published by Science Publishing Group |
Data Security, Sensitivity and Classification, Logic Programming, Big Data
[1] | Bosong Liu, Research and implementation of security policy management system based on multidimensional attribute label, Master thesis, Beijing University of Posts and Telecommunications, 2017. |
[2] | Yuze Jiang and Shiyang Chen, Trends and challenges of data security technology, Communications World. 08 (2021): 17-19. |
[3] | Molham Aref, Balder ten Cate, Todd J. Green, Benny Kimelfeld, Dan Olteanu, Emir Pasalic, Todd L. Veldhuizen, Geoffrey Washburn, Design and Implementation of the LogicBlox System, SIGMOD’15, 2015. |
[4] | B. Motik; Y. Nenov; R. Piro, I. Horrocks, Parallel Materialisation of Datalog Programs in Main-Memory RDF Databases, In Proceedings of the Twenty-Eighth AAAI Conference on Artificial Intelligence, Qébec City, Qébec, Canada: 2014. |
[5] | Alexander Shkapsky, Mohan Yang, Matteo Interlandi, Hsuan Chiu, Tyson Condie, Carlo Zaniolo, Big Data Analytics with Datalog Queries on Spark, SIGMOD’16, San Francisco, CA, USA: 2016. |
[6] | Jiaqi Gu, Yugo Watanabe, William Mazza, Alexander Shkapsky, Mohan Yang, Ling Ding, Carlo Zaniolo, RaSQL: Greater Power and Performance for Big Data Analytics with Recursive-aggregate-SQL on Spark, SIGMOD’19, 2019. |
[7] | Grigoris Antoniou, Sotiris Batsakis, Raghava Mutharaju, Jeff Z. Pan, Guilin Qi, Ilias Tachmazidis, Jacopo Urbani and Zhangquan Zhou, A Survey of Large-Scale Reasoning on the Web of Data, The Knowledge Engineering Review, Vol. 33, 1–24, 2018. |
[8] | Boris Motik, Yavor Nenov, Robert Piro, Ian Horrocks, Dan Olteanu, Parallel Materialisation of Datalog Programs in Centralised, Main-Memory RDF Systems, AAAI, 2014. |
[9] | Mohan Yang, Declarative Languages and Scalable Systems for Graph Analytics and Knowledge Discovery, PhD dissertation, University of California, Los Angeles, 2017. |
[10] | Carlo Zaniolo, Mohan Yang, Matteo Interlandi, Ariyam Das, Alexander Shkapsky, Tyson Condie. Fixpoint semantics and optimization of recursive Datalog programs with aggregates. TPLP 17 (5-6), 2017, 1048-1065. |
[11] | Ariyam Das, Youfu Li, Jin Wang, Mingda Li, Carlo Zaniolo. BigData Applications from Graph Analytics to Machine Learning by Aggregates in Recursion. Conference on Logic Programming (ICLP’19), 2019. |
[12] | Hongyuan Mei, Guanghui Qin, Minjie Xu, Jason Eisner, Neural Datalog through Time: Informed Temporal Modeling via Logical Specification, Proceedings of the 37th International Conference on Machine Learning, PMLR 119, Online: 2020. |
[13] | Wang, J., Wu, J., Li, M. et al. Formal semantics and high performance in declarative machine learning using Datalog. The VLDB Journal, 2021. |
[14] | Edelmira Pasarella, Jorge Lobo, A Datalog Framework for Modeling Relationship-based Access Control Policies, SACMAT '17, 2017, 91-102. |
[15] | Xinming Ou, A logic-programming approach to network security analysis, PhD dissertation, Princeton University, 2005. |
APA Style
Yuejin Zhang, Hong Liu, Guowei Wang. (2021). Data Sensitivity and Classification Management: A Declarative Approach. International Journal of Information and Communication Sciences, 6(3), 62-65. https://doi.org/10.11648/j.ijics.20210603.12
ACS Style
Yuejin Zhang; Hong Liu; Guowei Wang. Data Sensitivity and Classification Management: A Declarative Approach. Int. J. Inf. Commun. Sci. 2021, 6(3), 62-65. doi: 10.11648/j.ijics.20210603.12
AMA Style
Yuejin Zhang, Hong Liu, Guowei Wang. Data Sensitivity and Classification Management: A Declarative Approach. Int J Inf Commun Sci. 2021;6(3):62-65. doi: 10.11648/j.ijics.20210603.12
@article{10.11648/j.ijics.20210603.12, author = {Yuejin Zhang and Hong Liu and Guowei Wang}, title = {Data Sensitivity and Classification Management: A Declarative Approach}, journal = {International Journal of Information and Communication Sciences}, volume = {6}, number = {3}, pages = {62-65}, doi = {10.11648/j.ijics.20210603.12}, url = {https://doi.org/10.11648/j.ijics.20210603.12}, eprint = {https://article.sciencepublishinggroup.com/pdf/10.11648.j.ijics.20210603.12}, abstract = {Data protection according to sensitivity and classification has become a mandatory security mechanism for safety- and security-critical organizations. There is however no consensus on how to implement data sensitivity and classification in existing big-data systems. An approach is proposed to express and compute data sensitivity and multidimensional data classification in fine granularity. The approach is based on a declarative logic programming language, which is able to separate security requirement definitions and deduction from implementation details. Expressing and validating the security rules can be done transparently, ignoring underlying technical migrations and infrastructure differences. It is therefore possible to use the same set of security rules among various big data systems. Compared to other logic-programming-based approach, the declarative nature also makes it preferable for modular development and system maintenance. Sensitivity specification is shown and security analysis including conflict detection and resolution is performed on the same platform. Several typical types of data classification have also been illustrated and analyzed. The approach is capable of expressing complex classification methods, including classification with multiple parameters, classification according to graph computation, and classification based on relations among multiple data objects. The logic programming-based method is shown to have more expressive power and better complexity performance than conventional methods.}, year = {2021} }
TY - JOUR T1 - Data Sensitivity and Classification Management: A Declarative Approach AU - Yuejin Zhang AU - Hong Liu AU - Guowei Wang Y1 - 2021/08/09 PY - 2021 N1 - https://doi.org/10.11648/j.ijics.20210603.12 DO - 10.11648/j.ijics.20210603.12 T2 - International Journal of Information and Communication Sciences JF - International Journal of Information and Communication Sciences JO - International Journal of Information and Communication Sciences SP - 62 EP - 65 PB - Science Publishing Group SN - 2575-1719 UR - https://doi.org/10.11648/j.ijics.20210603.12 AB - Data protection according to sensitivity and classification has become a mandatory security mechanism for safety- and security-critical organizations. There is however no consensus on how to implement data sensitivity and classification in existing big-data systems. An approach is proposed to express and compute data sensitivity and multidimensional data classification in fine granularity. The approach is based on a declarative logic programming language, which is able to separate security requirement definitions and deduction from implementation details. Expressing and validating the security rules can be done transparently, ignoring underlying technical migrations and infrastructure differences. It is therefore possible to use the same set of security rules among various big data systems. Compared to other logic-programming-based approach, the declarative nature also makes it preferable for modular development and system maintenance. Sensitivity specification is shown and security analysis including conflict detection and resolution is performed on the same platform. Several typical types of data classification have also been illustrated and analyzed. The approach is capable of expressing complex classification methods, including classification with multiple parameters, classification according to graph computation, and classification based on relations among multiple data objects. The logic programming-based method is shown to have more expressive power and better complexity performance than conventional methods. VL - 6 IS - 3 ER -