Separation of Powers in the Cloud: Where Applications and Users Become Peers

David H. Lorenz, Boaz Rosenan

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

We challenge the widely accepted practice that web appli-cations must be trusted with user data. We present an al-ternative model based on logic programming, where users and applications are equal peers in a shared cloud environ-ment. User data is represented as a set of facts. The ap-plication is represented as a set of rules defining how user data is to be processed, but is not given direct access to the data. This way, end users remain the owners of their own data, and are able to determine who can see it and who can modify it. For concreteness, we define a data representa-tion and query language, named CloudLog, for a new family of deductive databases, named NoDatalog. We add access control to the language for guaranteeing that the rules pro-vided by the application cannot change the choices made by users. We demonstrate how business logic can be expressed in CloudLog, and discuss how an efficient CloudLog-based database can be implemented.

Original languageEnglish
Title of host publicationOnward! 2015 - Proceedings of the 2015 ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software, Part of SPLASH 2015
EditorsGuy L. Steele, Gail C. Murphy
PublisherAssociation for Computing Machinery, Inc
Pages76-89
Number of pages14
ISBN (Electronic)9781450336888
DOIs
StatePublished - Oct 2015
EventACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software, Onward! 2015 - Part of SPLASH 2015 - Pittsburgh, United States
Duration: 25 Oct 201530 Oct 2015

Publication series

NameOnward! 2015 - Proceedings of the 2015 ACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software, Part of SPLASH 2015

Conference

ConferenceACM International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software, Onward! 2015 - Part of SPLASH 2015
Country/TerritoryUnited States
CityPittsburgh
Period25/10/1530/10/15

Bibliographical note

Funding Information:
This research was supported in part by the Israel Science Foundation (ISF) under grant No. 1440/14.

Keywords

  • Access Control
  • Deductive Databases
  • Logic programming (LP)
  • NoDatalog
  • NoSQL

Fingerprint

Dive into the research topics of 'Separation of Powers in the Cloud: Where Applications and Users Become Peers'. Together they form a unique fingerprint.

Cite this