DATABASE-SECURITY - RESEARCH AND PRACTICE

被引：23

作者：

BERTINO, E ^{[1
]}

JAJODIA, S ^{[1
]}

SAMARATI, P ^{[1
]}

机构：

[1] GEORGE MASON UNIV, DEPT INFORMAT & SOFTWARE SYST ENGN, FAIRFAX, VA 22030 USA

来源：

INFORMATION SYSTEMS | 1995年 / 20卷 / 07期

基金：

美国国家科学基金会;

关键词：

ACCESS CONTROL; DISCRETIONARY SECURITY POLICIES; MANDATORY SECURITY POLICIES; SECURITY; DATABASES;

D O I：

10.1016/0306-4379(95)00029-4

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

As an increasing number of organizations become dependent on access to their data over the Internet, the need for adequate security measures is becoming more and more critical. The most popular security measure these days is a firewall. However, a firewall is not immune to penetration, and it does not provide any protection of internal resources from insiders and successful intruders. One of the requirements for the protection of internal resources is access control to ensure that all accesses are authorized according to some specified policy. In this paper, we survey the state of the art in access control for database systems, discuss the main research issues, and outline possible directions for future research.

引用

页码：537 / 556

页数：20

共 44 条

[1]

ABRAMS M, 1995, INFORMATION SECURITY

[2]

AHAD R, 1992, P EDBT 92 VIENN MARC, P184

[3]

AMMANN P, 1994, IFIP TRANS A, V47, P125

[4]

Atluri V., 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy (Cat. No.93CH3290-4), P135, DOI 10.1109/RISP.1993.287636

[5]

BALDWIN RW, 1990, P IEEE S SECURITY PR, P61

[6]

BERTINO E, 1994, UNPUB FLEXIBLE AUTHO

[7]

BERTINO E, 1993, 3RD P INT C DED OBJ, P415

[8]

BERTINO E, 1993, LNCS, V759, P17

[9]

BERTINO E, 1992, P IEEE INT C DATA EN, P338

[10]

BERTINO E, 1993, P 1 ACM C COMP COMM, P130

← 1 2 3 4 5 →