Posted on 2017-11-01, 00:00. Authored by George Arnold Sullivan.
This thesis focuses on providing security for legacy web applications and their associated database systems. It does this by modifying queries on the way from the application to the database. This approach provides protection with minimal modifications to the existing code.
Conceptually, the approach depends on the administrator defining views for users, specifying which data they are allowed to see. For any particular user, her views define a natural equivalence relation on the set of database states. For each equivalence class we identify a single member of the class as a representative of that class. We show how to construct that representative member for each equivalence class from any member of the class. We then modify all queries by the user to execute the query over this constructed table, not over the original database state. We have shown how to do this with views that contain aggregates and in ways that preserve information contained in the WHERE clause of the view.
Portions of these approaches have been implemented as a tool that works with Java-based web applications and MySQL databases. We report preliminary results of testing this approach and highlight some areas for improvement and future work.