A model of authorization for next-generation database systems

Rabitti, Fausto; Bertino, Elisa; Kim, Won; Woelk, Darrell

doi:10.1145/103140.103144

Cited by 261 publications

(128 citation statements)

References 14 publications

Supporting

Mentioning

117

Contrasting

Unclassified

Order By: Relevance

“…In this section, the performance of the XML access control method [13] is compared with the proposed method and related work. The performances of the proposed method before and after access control is applied are also compared and analyzed by dividing them into memory usage and processing time.…”

Section: Discussionmentioning

confidence: 99%

Access Control for Energy-Efficient Query Processing

An¹,

Park²

2012

IJCTE

View full text Add to dashboard Cite

Abstract-An access control method has been previously performed only focused on safety, and thus not much effort has been done to consider access control in terms of energy efficiency. In this paper, we proposed a method for an energy-efficient query processing of XML data streams, such as a personal digital assistant and a portable terminal, at the client side with limited resources. Specifically, we proposed an access control processing that possesses a small overhead for attaining a secure result in a limited memory and a method to enhance the performance, finding the parts capable of optimizing each processing step for offsetting the overhead caused by the addition of access control processing. Our new method is analyzed through an experiments.

show abstract

Section: Discussionmentioning

confidence: 99%

Access Control for Energy-Efficient Query Processing

An¹,

Park²

2012

IJCTE

View full text Add to dashboard Cite

show abstract

“…Figure 14 illustrates an example of object hierarchy. Even actions can be organized hierarchically, where the hierarchy may reflect an implication of privileges (e.g., write is more powerful than read [70]) or a grouping of sets of privileges (e.g., a "writing privileges" group can be defined containing write, append, and undo [84]). These hierarchical relationships can be exploited i) to support preconditions on accesses (e.g., in Unix a subject needs the execute, x, privilege on a directory in order to access the files within it), or ii) to support authorization implication, that is, authorizations specified on an abstraction apply to all its members.…”

Section: Expanding Authorizationsmentioning

confidence: 99%

“…To address situations like this, some approaches proposed adopting explicit priorities. In ORION [70], authorizations are classified as strong or weak : weak authorizations override each other based on the most-specific policy, and strong authorizations override weak authorizations (no matter their specificity) and cannot be overridden. Given that strong authorizations must be certainly obeyed, they are required to be consistent.…”

Section: Expanding Authorizationsmentioning

confidence: 99%

Access Control: Policies, Models, and Mechanisms

Samarati

Vimercati

2001

Lecture Notes in Computer Science

448

289

View full text Add to dashboard Cite

Abstract. Access control is the process of mediating every request to resources and data maintained by a system and determining whether the request should be granted or denied. The access control decision is enforced by a mechanism implementing regulations established by a security policy. Different access control policies can be applied, corresponding to different criteria for defining what should, and what should not, be allowed, and, in some sense, to different definitions of what ensuring security means. In this chapter we investigate the basic concepts behind access control design and enforcement, and point out different security requirements that may need to be taken into consideration. We discuss several access control policies, and models formalizing them, that have been proposed in the literature or that are currently under investigation.

show abstract

“…Among comparable proposals, in [2], an access control environment for XML documents and some techniques to deal with authorization priorities and conflict resolution issues are proposed. Finally, the use of authorization priorities with propagation and overriding, which is an important aspect of XML access control may recall approaches in the context of object-oriented databases, like [9] and [18]. Although our proposal is based on existing XML authorization models such as [6], we focus on how to use relational databases to help enforce XML authorization models, and none of the above XML authorization models address the interaction between XML and relational access controls.…”

Section: Xml and Relational Security Modelsmentioning

confidence: 99%

Supporting XML Security Models Using Relational Databases: A Vision

Lee

Liu

2003

Database and XML Technologies

View full text Add to dashboard Cite

Abstract. As the secure distribution and sharing of information over the World Wide Web becomes increasingly important, the needs for flexible and efficient support of access control systems naturally arise. Since the eXtensible Markup Language (XML) is emerging as the format of the Internet era for storing and exchanging information, there have been, recently, many proposals to extend the XML model to incorporate security aspects. To the lesser or greater extent, however, such proposals neglect the fact that the data for XML documents will most likely reside in relational databases, and consequently do not utilize various security models proposed for and implemented in relational databases. In this paper, we take a rather different approach. We explore how to support security models for XML documents by leveraging on techniques developed for relational databases. More specifically, in our approach, (1) Users make XML queries against the given XML view/schema, (2) Access controls for XML data are also specified in the XML model, but (3) Data are stored in relational databases, and (4) Security check and query evaluation are also done in relational databases. Instead of re-inventing wheels, we take two representative methods in both XML security model and XML to relational conversion problems, and show how to glue them together in a seamless manner to efficiently support access controls for the XML model using relational databases.

show abstract

A model of authorization for next-generation database systems

Cited by 261 publications

References 14 publications

Access Control for Energy-Efficient Query Processing

Access Control for Energy-Efficient Query Processing

Access Control: Policies, Models, and Mechanisms

Supporting XML Security Models Using Relational Databases: A Vision

Contact Info

Product

Resources

About