A relational database integrity framework for access control policies
نویسندگان
چکیده
منابع مشابه
XML access control: mapping XACML policies to relational database tables
Although eXtensible Access Control Markup Language (XACML) is recognized as a precise and a complete policy description language, the structure of the current XACML policy is complex. Hence, users need to understand XACML well and write down the securing policy all by hand, which make it difficult to master and use. On the other hand, RDBMS is easy and simple to use by all users and allows hidi...
متن کاملDatabase Access Control Policies
As organizations increase their dependence on database systems for daily business, they become more vulnerable to security breaches even as they gain productivity and efficiency advantages. A truly comprehensive approach for data protection must include mechanisms for enforcing access control policies based on data contents, subject qualifications and characteristics. The database security comm...
متن کاملFramework for Enforcing Multiple Access Control Policies
Although several access control policies can be devised for controlling access to information, all existing authorization models, and the corresponding enforcement mechanisms, are based on a speciic policy (usually the closed policy). As a consequence, although diierent policy choices are possible in theory, in practice only a speciic policy can be actually applied within a given system. Howeve...
متن کاملA Logical Framework for Reasoning on Data Access Control Policies
In this paper we propose a logic formalism that naturally supports the encoding of complex security specifications. This formalism relies on a hierarchically structured domain made of subjects, objects and privileges. Authorizations are expressed by logic rules. The formalism supports both negation by failure (possibly unstratified) and true negation. The latter is used to express negative auth...
متن کاملA comprehensive modeling framework for role-based access control policies
Prohibiting unauthorized access to critical resources and data has become a major requirement for enterprises. Access control (AC) mechanisms manage requests from users to access system resources; the access is granted or denied based on authorization policies defined within the enterprise. One of the most used AC paradigms is role-based access control (RBAC). In RBAC, access rights are determi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Journal of Intelligent Information Systems
سال: 2010
ISSN: 0925-9902,1573-7675
DOI: 10.1007/s10844-010-0146-z