Supporting Multiple Access Control Policies in Database Systems

Supporting Multiple Access Control Policies in Database Systems,10.1109/SECPRI.1996.502673,Elisa Bertino,Sushil Jajodia,Pierangela Samarati

Supporting Multiple Access Control Policies in Database Systems   (Citations: 67)
BibTex | RIS | RefWorks Download
Elisa Bertino, Sushil Jajodia, and Pierangela Samarati Although there are several choices of policies for protection of information, access control models have been developed for a fixed set pre-defined access control policies that are then built into the corresponding access control mechanisms. This becomes a problem, however, if the access control requirements of an application are different from the policies built into a mechanism. In most cases, the only solution is to enforce the requirements as part of the application code, but this makes verification, modification, and adequate enforcement of these policies impossible. In this paper, we propose a flexible authorization mechanism that can support different security policies. The mechanism enforces a general authorization model onto which multiple access control policies can be mapped. The model permits negative and positive authorizations, authorizations that must be strongly obeyed and authorizations that allow for exceptions, and enforces ownership together with delegation of administrative privileges.
Conference: IEEE Symposium on Security and Privacy - S&P , pp. 94-107, 1996
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
Sort by: