A MODEL FOR EVALUATION AND ADMINISTRATION OF SECURITY IN OBJECT-ORIENTED DATABASES

被引:24
作者
FERNANDEZ, EB
GUDES, E
SONG, HY
机构
[1] BEN GURION UNIV NEGEV,BEER SHEVA,ISRAEL
[2] INFORMIX SOFTWARE INC,MENLO PK,CA
来源
IEEE TRANSACTIONS ON KNOWLEDGE AND DATA ENGINEERING | 1994年 / 6卷 / 02期
关键词
AUTHORIZATION MODELS; DATABASE SECURITY; OBJECT-ORIENTED DATABASES; SECURITY ADMINISTRATION; SECURITY OF OBJECT-ORIENTED SYSTEMS;
D O I
10.1109/69.277771
中图分类号
TP18 [人工智能理论];
学科分类号
081104 ; 0812 ; 0835 ; 1405 ;
摘要
The integration of object-oriented programming concepts with databases is one of the most significant advances in the evolution of database systems. Many aspects of such a combination have been studied, but there are few models to provide security for this richly structured information. We develop here an authorization model for object-oriented databases. This model consists of a set of policies, a structure for authorization rules, and algorithms to evaluate access requests against the authorization rules. User access policies are based on the concept of inherited authorization applied along the class structure hierarchy. We propose also a set of administrative policies that allow the control of user access and its decentralization. Finally, we study the effect of class structuring changes on authorization.
引用
收藏
页码:275 / 292
页数:18
相关论文
共 30 条
[1]  
ALASHQUR AM, 1988, OQL OBJECT ORIENTED
[2]  
BANERJEE J, 1987, MAY P ACM SIGMOD C M, P311
[3]   OBJECT-ORIENTED DATABASE-MANAGEMENT SYSTEMS - CONCEPTS AND ISSUES [J].
BERTINO, E ;
MARTINO, L .
COMPUTER, 1991, 24 (04) :33-47
[4]  
DITTRICH KR, 1989, DATABASE SECURITY 2
[5]  
FERNANDEZ EB, 1981, DATABASE SECURITY IN
[6]  
FERNANDEZ EB, 1989, 1989 P IEEE S SEC PR, P110
[7]  
FERNANDEZ EB, 1975, 1ST P INT C VER LARG, P268
[8]  
Griffiths P. P., 1976, ACM Transactions on Database Systems, V1, P242, DOI 10.1145/320473.320482
[9]  
GUDES E, 1990, 4TH P INT IFIP WG 11
[10]  
Hardwick M., 1989, IEEE Transactions on Knowledge and Data Engineering, V1, P285, DOI 10.1109/69.87967
123