{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,8]],"date-time":"2026-02-08T00:50:28Z","timestamp":1770511828683,"version":"3.49.0"},"reference-count":32,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2019,2,27]],"date-time":"2019-02-27T00:00:00Z","timestamp":1551225600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGMOD Rec."],"published-print":{"date-parts":[[2019,2,27]]},"abstract":"<jats:p>This paper presents a vision and description for query control, which is a paradigm for database access control. In this model, individual queries are examined before being executed and are either allowed or denied by a pre-defined policy. Traditional view-based database access control requires the enforcer to view the query, the records, or both. That may present difficulty when the enforcer is not allowed to view database contents or the query itself. This discussion of query control arises from our experience with privacy-preserving encrypted databases, in which no single entity learns both the query and the database contents. Query control is also a good fit for enforcing rules and regulations that are not well-addressed by view-based access control. With the rise of federated database management systems, we believe that new approaches to access control will be increasingly important.<\/jats:p>","DOI":"10.1145\/3316416.3316420","type":"journal-article","created":{"date-parts":[[2019,2,28]],"date-time":"2019-02-28T13:06:53Z","timestamp":1551359213000},"page":"17-22","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":11,"title":["Don't Even Ask"],"prefix":"10.1145","volume":"47","author":[{"given":"Richard","family":"Shay","sequence":"first","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington, MA, USA"}]},{"given":"Uri","family":"Blumenthal","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington, MA, USA"}]},{"given":"Vijay","family":"Gadepally","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington , MA, USA"}]},{"given":"Ariel","family":"Hamlin","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington, MA, USA"}]},{"given":"John Darby","family":"Mitchell","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington, MA, USA"}]},{"given":"Robert K.","family":"Cunningham","sequence":"additional","affiliation":[{"name":"MIT Lincoln Laboratory, Lexington, MA, USA"}]}],"member":"320","published-online":{"date-parts":[[2019,2,27]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1016\/B978-012373566-9.50005-7"},{"key":"e_1_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1561\/1900000014"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2005.9"},{"key":"e_1_2_1_4_1","volume-title":"Confounding control in healthcare database research: challenges and potential approaches. Medical care","author":"Brookhart M. A.","year":"2010","unstructured":"M. A. Brookhart , T. St\u00a8urmer , R. J. Glynn , J. Rassen , and S. Schneeweiss . Confounding control in healthcare database research: challenges and potential approaches. Medical care , 2010 . M. A. Brookhart, T. St\u00a8urmer, R. J. Glynn, J. Rassen, and S. Schneeweiss. Confounding control in healthcare database research: challenges and potential approaches. Medical care, 2010."},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/1807167.1807271"},{"key":"e_1_2_1_6_1","unstructured":"European Commission. 2018 reform of EU data protection rules. https: \/\/ec.europa.eu\/commission\/priorities\/ justice-and-fundamental-rights\/ data-protection\/ 2018-reform-eu-data-protection-rules_ en.  European Commission. 2018 reform of EU data protection rules. https: \/\/ec.europa.eu\/commission\/priorities\/ justice-and-fundamental-rights\/ data-protection\/ 2018-reform-eu-data-protection-rules_ en."},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/501978.501980"},{"key":"e_1_2_1_8_1","volume-title":"MIT Lincoln Laboratory","author":"Fuller B.","year":"2015","unstructured":"B. Fuller , D. Mitchell , R. Cunningham , U. Blumenthal , P. Cable , A. Hamlin , L. Milechin , M. Rabe , N. Schear , R. Shay , M. Varia , S. Yakoubov , and A. Yerukhimovich . SPAR pilot evaluation. Technical report , MIT Lincoln Laboratory , 2015 . B. Fuller, D. Mitchell, R. Cunningham, U. Blumenthal, P. Cable, A. Hamlin, L. Milechin, M. Rabe, N. Schear, R. Shay, M. Varia, S. Yakoubov, and A. Yerukhimovich. SPAR pilot evaluation. Technical report, MIT Lincoln Laboratory, 2015."},{"key":"e_1_2_1_9_1","volume-title":"Oakland","author":"Fuller B.","year":"2017","unstructured":"B. Fuller , M. Varia , A. Yerukhimovich , E. Shen , A. Hamlin , V. Gadepally , R. Shay , J. D. Mitchell , and R. K. Cunningham . SoK: Cryptographically protected database search . Oakland , 2017 . B. Fuller, M. Varia, A. Yerukhimovich, E. Shen, A. Hamlin, V. Gadepally, R. Shay, J. D. Mitchell, and R. K. Cunningham. SoK: Cryptographically protected database search. Oakland, 2017."},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPEC.2016.7761636"},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/HPEC.2017.8091077"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/320473.320482"},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1007\/s007780100054"},{"key":"e_1_2_1_14_1","volume-title":"Security and privacy assurance research (SPAR) program broad agency announcement","author":"Research Projects Activity Intelligence Advanced","year":"2011","unstructured":"Intelligence Advanced Research Projects Activity . Security and privacy assurance research (SPAR) program broad agency announcement , 2011 . Intelligence Advanced Research Projects Activity. Security and privacy assurance research (SPAR) program broad agency announcement, 2011."},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.21236\/ADA533742"},{"key":"e_1_2_1_16_1","volume-title":"August","author":"Kagal L.","year":"2011","unstructured":"L. Kagal . Policy compliance of queries for private information retrieval. http: \/\/dig.csail.mit.edu\/2009\/IARPA-PIR\/ , August 2011 . L. Kagal. Policy compliance of queries for private information retrieval. http: \/\/dig.csail.mit.edu\/2009\/IARPA-PIR\/, August 2011."},{"key":"e_1_2_1_17_1","volume-title":"HPEC","author":"Kepner J.","year":"2014","unstructured":"J. Kepner , W. Arcand , D. Bestor , B. Bergeron , C. Byun , V. Gadepally , M. Hubbell , P. Michaleas , J. Mullen , A. Prout , Achieving 100,000,000 database inserts per second using accumulo and d4m . In HPEC , 2014 . J. Kepner, W. Arcand, D. Bestor, B. Bergeron, C. Byun, V. Gadepally, M. Hubbell, P. Michaleas, J. Mullen, A. Prout, et al. Achieving 100,000,000 database inserts per second using accumulo and d4m. In HPEC, 2014."},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.5555\/1894568.1894576"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2501604.2501611"},{"key":"e_1_2_1_20_1","volume-title":"August","author":"Lomas N.","year":"2016","unstructured":"N. Lomas . WhatsApp to share user data with facebook for ad targeting -- here's how to opt out. https:\/\/techcrunch.com\/2016\/08\/25\/ whatsapp-to-share , August 2016 . N. Lomas. WhatsApp to share user data with facebook for ad targeting -- here's how to opt out. https:\/\/techcrunch.com\/2016\/08\/25\/ whatsapp-to-share, August 2016."},{"key":"e_1_2_1_21_1","volume-title":"CIDR","author":"Mattson T.","year":"2017","unstructured":"T. Mattson , V. Gadepally , Z. She , A. Dziedzic , and J. Parkhurst . Demonstrating the bigdawg polystore system for ocean metagenomics analysis . In CIDR , 2017 . T. Mattson, V. Gadepally, Z. She, A. Dziedzic, and J. Parkhurst. Demonstrating the bigdawg polystore system for ocean metagenomics analysis. In CIDR, 2017."},{"key":"e_1_2_1_22_1","volume-title":"Executive Office of the President, https:\/\/bigdatawg.nist.gov\/pdf\/pcast_ big_data_and_privacy_-_may_2014.pdf","author":"President's Council of Advisors on Science and Technology.","year":"2014","unstructured":"President's Council of Advisors on Science and Technology. Big data and privacy: A technical perspective. Technical report , Executive Office of the President, https:\/\/bigdatawg.nist.gov\/pdf\/pcast_ big_data_and_privacy_-_may_2014.pdf , May 2014 . President's Council of Advisors on Science and Technology. Big data and privacy: A technical perspective. Technical report, Executive Office of the President, https:\/\/bigdatawg.nist.gov\/pdf\/pcast_ big_data_and_privacy_-_may_2014.pdf, May 2014."},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1007568.1007631"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/2.485845"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/35.312842"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/96602.96604"},{"key":"e_1_2_1_27_1","volume-title":"MIT","author":"Soltren J. H.","year":"2009","unstructured":"J. H. Soltren . Query-based database policy assurance using semantic web technologies. Master's thesis , MIT , September 2009 . J. H. Soltren. Query-based database policy assurance using semantic web technologies. Master's thesis, MIT, September 2009."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1515\/popets-2016-0018"},{"key":"e_1_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICDE.2005.1"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/16856.16888"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/BigData.2017.8258302"},{"key":"e_1_2_1_32_1","volume-title":"CIDR","author":"Upadhyaya P.","year":"2013","unstructured":"P. Upadhyaya , N. R. Anderson , M. Balazinska , B. Howe , R. Kaushik , R. Ramamurthy , and D. Suciu . Stop that query! The need for managing data use . In CIDR , 2013 . P. Upadhyaya, N. R. Anderson, M. Balazinska, B. Howe, R. Kaushik, R. Ramamurthy, and D. Suciu. Stop that query! The need for managing data use. In CIDR, 2013."}],"container-title":["ACM SIGMOD Record"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3316416.3316420","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3316416.3316420","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T23:53:15Z","timestamp":1750204395000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3316416.3316420"}},"subtitle":["Database Access Control through Query Control"],"short-title":[],"issued":{"date-parts":[[2019,2,27]]},"references-count":32,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2019,2,27]]}},"alternative-id":["10.1145\/3316416.3316420"],"URL":"https:\/\/doi.org\/10.1145\/3316416.3316420","relation":{},"ISSN":["0163-5808"],"issn-type":[{"value":"0163-5808","type":"print"}],"subject":[],"published":{"date-parts":[[2019,2,27]]},"assertion":[{"value":"2019-02-27","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}