The security API of IRO-DB
نویسنده
چکیده
This paper describes the application programming interface (API) providing authorization and access control in IRO-DB. IRO-DB is an ODMB compliant federated database system supporting interoperable access between relational and object-oriented databases. The developed security API implements a federated, administrative, discretionary access control policy which is role-based but additionally supports ownership of data. Authorization rules can be positive as well as negative and use implied authorization for deriving implicit access from a set of explicit rules. The security API depicts a C++ class library maintaining security information (like authorization subjects, objects, and rules) and providing security mechanisms (like identification, authentication, authorization and access control). As a consequence of providing interoperable access by keeping the autonomy of participating component databases a mapping mechanism between the heterogeneous local security policies and the global IRO-DB policy had to be provided. Corresponding functionality is also included in the IRO-DB security API.
منابع مشابه
The security architecture of IRO-DB
This paper describes the security architecture of the IRO-DB database federation, a system supporting interoperable access between relational and object-oriented databases. The security policy developed is a federated, administrative, discretionary access control policy supporting positive, negative, as well as implied authorizations. It includes a procedure for conflict resolution within the s...
متن کاملIRO - DB An object - oriented approach towards federated and interoperable DBMS 1
Todays application scenarios need more and more access to information stored and distributed among multiple database management systems which have various underlying data models and which model even the same real world aspects differently with respect to structure and granularity. Therefore, a system is needed which addresses these problems, providing the means to integrate heterogeneous data s...
متن کاملAuthorization and Access Control in IRO-DB
*) This work is supported by European ESPRIT III, project Nr. 8629. Abstract The paper describes authorization and access control in the IRO-DB database system, a system supporting interoperable access between relational and object-oriented databases. The security policy developed is a federated, administrative discretionary access control policy which supports positive, negative, as well as im...
متن کاملIro-db a Distributed System Federating Object and Relational Databases Contents 1 Iro{db: a Distributed System Federating Object and Relational Databases-db 1
متن کامل
Federating Object-Oriented and Relational Databases: The IRO-DB Experience
From beginning of 1994 to the end of 1996, the IRO-DB ESPRIT project has developed tools for accessing in an integrated way relational and object-oriented databases, and for designing and maintaining integrated applications on large federations of heterogeneous databases. IRO-DB is based on the ODMG pivot object model and gives OQL/OML C++ interface to users on a federation of relational and ob...
متن کامل