ACM SIGMOD Anthology VLDB dblp.uni-trier.de

A Model of Methods Access Authorization in Object-oriented Databases.

Nurith Gal-Oz, Ehud Gudes, Eduardo B. Fernández: A Model of Methods Access Authorization in Object-oriented Databases. VLDB 1993: 52-61
@inproceedings{DBLP:conf/vldb/Gal-OzGF93,
  author    = {Nurith Gal-Oz and
               Ehud Gudes and
               Eduardo B. Fern{\'a}ndez},
  editor    = {Rakesh Agrawal and
               Se{\'a}n Baker and
               David A. Bell},
  title     = {A Model of Methods Access Authorization in Object-oriented Databases},
  booktitle = {19th International Conference on Very Large Data Bases, August
               24-27, 1993, Dublin, Ireland, Proceedings},
  publisher = {Morgan Kaufmann},
  year      = {1993},
  isbn      = {1-55860-152-X},
  pages     = {52-61},
  ee        = {db/conf/vldb/Gal-OzGF93.html},
  crossref  = {DBLP:conf/vldb/93},
  bibsource = {DBLP, http://dblp.uni-trier.de}
}

Abstract

Object-oriented databases are a recent and important development and many studies of them have been performed. These consider aspects such as data modeling,query languages, performance, and concurrency control. Relatively few studies address their security, a critical aspect in systems like these that have a complex and rich data structuring.

We developed previously a model of authorization for object-oriented databaseswhich includes a set of policies, a structure for authorization rules and their administration, and evaluation algorithms. In that model the high-level query requests were resolved into read and writes at the authorization level. In this paper we extend the set of access primitives to include ways to control the execution of methods or functions. Policy issues are discussed first, and then algorithms for access evaluation at compile-time and at run-time.

Copyright © 1993 by the VLDB Endowment. Permission to copy without fee all or part of this material is granted provided that the copies are not made or distributed for direct commercial advantage, the VLDB copyright notice and the title of the publication and its date appear, and notice is given that copying is by the permission of the Very Large Data Base Endowment. To copy otherwise, or to republish, requires a fee and/or special permission from the Endowment.


Online Paper

ACM SIGMOD Anthology

CDROM Version: Load the CDROM "Volume 1 Issue 5, VLDB '89-'97" and ... DVD Version: Load ACM SIGMOD Anthology DVD 1" and ...

Printed Edition

Rakesh Agrawal, Seán Baker, David A. Bell (Eds.): 19th International Conference on Very Large Data Bases, August 24-27, 1993, Dublin, Ireland, Proceedings. Morgan Kaufmann 1993, ISBN 1-55860-152-X
Contents CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML

References

[1]
Rafiul Ahad, James Davis, Stefan Gower, Peter Lyngbæk, Andra Marynowski, Emmanuel Onuegbe: Supporting Access Control in an Object-Oriented Database Language. EDBT 1992: 184-200 CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML
[2]
Dorothy E. Denning: Cryptography and Data Security. Addison-Wesley 1982
CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML
[3]
Klaus R. Dittrich, Martin Härtig, Heribert Pfefferle: Discretionary Access Control in Structurally Object-Oriented Database Systems. DBSec 1988: 105-121 CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML
[4]
...
[5]
...
[6]
Eduardo B. Fernández, Ehud Gudes, Haiyan Song: A Model for Evaluation and Administration of Security in Object-Oriented Databases. IEEE Trans. Knowl. Data Eng. 6(2): 275-292(1994) CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML
[7]
...
[8]
...
[9]
Ehud Gudes, Haiyan Song, Eduardo B. Fernández: Evolution of Negative, Predicate, and Instance-based Authorization in Object-Oriented Databases. DBSec 1990: 85-98 CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML
[10]
...
[11]
María M. Larrondo-Petrie, Ehud Gudes, Haiyan Song, Eduardo B. Fernández: Security Policies in Object-Oriented Databases. DBSec 1989: 257-268 CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML
[12]
...
[13]
...
[14]
Teresa F. Lunt: Access Control Policies for Database Systems. DBSec 1988: 41-52 CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML
[15]
Fausto Rabitti, Elisa Bertino, Won Kim, Darrell Woelk: A Model of Authorization for Next-Generation Database Systems. ACM Trans. Database Syst. 16(1): 88-131(1991) CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML
[16]
David L. Spooner: The Impact of Inheritance on Security in Object-Oriented Database Systems. DBSec 1988: 141-150 CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML
[17]
Michael Stonebraker: Introduction to the Special Issue on Database Prototype Systems. IEEE Trans. Knowl. Data Eng. 2(1): 1-3(1990) CiteSeerX Google scholar pubzone.org BibTeX bibliographical record in XML

Referenced by

  1. Elisa Bertino, Pierangela Samarati, Sushil Jajodia: An Extended Authorization Model for Relational Databases. IEEE Trans. Knowl. Data Eng. 9(1): 85-101(1997)
  2. Keishi Tajima: Static Detection of Security Flaws in Object-Oriented Databases. SIGMOD Conference 1996: 341-352

Copyright © Mon Nov 2 21:18:42 2009 by Michael Ley (ley@uni-trier.de)