Access control over uncertain data

Access control is the problem of regulating access to secret information based on certain context information. In traditional applications, context information is known exactly, permitting a simple allow/deny semantics. In this paper, we look at access control when the context is itself uncertain. Our motivating application is RFID data management, in which the location of objects and people, and the associations between them is often uncertain to the system, yet access to private data is strictly defined in terms of these locations and associations. We formalize a natural semantics for access control that allows the release of partial information in the presence of uncertainty and describe an algorithm that uses a provably optimal perturbation function to enforce these semantics. To specify access control policies in practice, we describe UCAL, a new access control language for uncertain data. We then describe an output perturbation algorithm to implement access control policies described by UCAL. We carry out a set of experiments that demonstrate the feasibility of our approach and confirm its superiority over other possible approaches such as thresholding or sampling.