Skip to main content Skip to main navigation


QFilter: Towards a Fine-Grained Access Control for Aggregation Query Processing over Secret Shared Data

Meghdad Mirabi; Carsten Binnig
In: Rajesh Bordawekar; Cinzia Cappiello; Vasilis Efthymiou; Lisa Ehrlinger; Vijay Gadepally; Sainyam Galhotra; Sandra Geisler; Sven Groppe; Le Gruenwald; Alon Y. Halevy; Hazar Harmouch; Oktie Hassanzadeh; Ihab F. Ilyas; Ernesto Jiménez-Ruiz; Sanjay Krishnan; Tirthankar Lahiri; Guoliang Li; Jiaheng Lu; Wolfgang Mauerer; Umar Farooq Minhas; Felix Naumann; M. Tamer Özsu; El Kindi Rezig; Kavitha Srinivas; Michael Stonebraker; Satyanarayana R. Valluri; Maria-Esther Vidal; Haixun Wang; Jiannan Wang; Yingjun Wu; Xun Xue; Mohamed Zaït; Kai Zeng (Hrsg.). Joint Proceedings of Workshops at the 49th International Conference on Very Large Data Bases (VLDB 2023). International Conference on Very Large Data Bases (VLDB), August 28 - September 1, Vancouver, Canada, CEUR Workshop Proceedings, Vol. 3462,, 2023.


This paper presents QFilter, a privacy-preserving and communication efficient solution that integrates an Attribute-Based Access Control (ABAC) model into query processing. QFilter enables the specification and enforcement of fine-grained access control policies tailored to secret-shared data. It can process aggregation SQL queries, including” count”,” sum”, and” avg” functions, with both conjunctive (using” AND”) and disjunctive (using” OR”) equality query conditions, without the need for inter-server communication. QFilter is secure against honest-but-curious adversaries, and the preliminary experiments illustrate its applicability for preserving privacy in query processing over secret-shared data, especially at the tuple level access control with the lowest overhead.

Weitere Links