Access control based on entity matching for secure data sharing

Useful information for analysis and learning purposes is often located in heterogeneous and autonomous sources. We consider the problem where data owners want to share data that has access control policies associated with it. Data sources share information relying on entity matching rules (Conditions for which two records from different sources are considered as a match , i.e., represent the same real-world object) between their contents. In this paper, we propose an entity matching-oriented and policy-oriented methodology to provide a secure data sharing framework. We present an algorithm for translating a query submitted against one schema into an augmented query for the other schema to capture concerned tuples, based on entity matching rules. Then, we provide a methodology to answer queries while preserving local access control policies and also avoiding any inference leakage that could result from entity matching. Furthermore, we adduce details on our implementation and describe the key findings of the experiments.