The CRUD Security Matrix: A Technique for Documenting Access Rights
Authors
Abstract
The CRUD matrix is an excellent technique to model processes and data and how they interact with respect to creation, reading, updating, and deleting of the data. In this paper, we extend the CRUD matrix to a CRUD Security Cube where we propose incorporating a third dimension on the matrix to include individuals or groups and the rights and security privileges granted to each. This additional dimension on the matrix provides significant information without using an additional model or losing any information from the original CRUD matrix in its design. Analysts may generalize the application of this extension to databases, information systems, or literally any information system’s object that incorporates data, processes, and how individuals may interact with those within the object.
Similar resources
Extending RBAC Model to Control Sequences of CRUD Expressions
In database applications, access control is aimed at supervising users’ requests to access sensitive data. Users’ requests are mainly formalized by Create, Read, Update and Delete (CRUD) expressions. The supervision process can be formalized at a high level, such as based on the RBAC model, but in the end the relevant aspect is the data being accessed through each CRUD expression. In critical d...
Using Digital Right Management technology in IRANDOC ETD System
Background and Aim: Easing the probability of violation of intellectual property rights and unauthorized access of digital resources is one of the most important consequences of information and communication technologies like Internet. The purpose of this research is to identify the state of Using Digital Right Management technology in IRANDOC ETD system. Method: This research is an applied re...
Basic Student Rights within the Iranian Legal System
Having a clear set of basic Iranian students’ legal rights could serve as a practical guideline to commitments and responsibilities of teachers, administrators, and others dealing with education. To this end, all existing legal documents related to the topic were content analyzed. The result has been a set of fourteen principle areas which can be categorized into three subsets depending on the ...
Secure, Dynamic and Distributed Access Control Stack for Database Applications
In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: 1) if policies are complex, their enforcement can lead to performance decay of database servers; 2) when modifications in...
An automatic test case generator for evaluating implementation of access control policies
One of the main requirements for providing software security is the enforcement of access control policies which aim to protect resources of the system against unauthorized accesses. Any error in the implementation of such policies may lead to undesirable outcomes. For testing the implementation of access control policies, it is preferred to use automated methods which are faster and more relia...