Dynamic Meta-level Access Control in SQL
نویسنده
چکیده
Standard SQL is insufficiently expressive for representing many access control policies that are needed in practice. Nevertheless, we show how rich forms of access control policies can be defined within SQL when small amounts of contextual information are available to query evaluators. Rather than the standard, relational structure perspective that has been adopted for fine-grained access control, we consider instead the representation of dynamic fine-grained access control (DFMAC) policy requirements at the access policy level. We also show how DFMAC policies may be represented in SQL and we give some performance results for an implementation of our approach.
منابع مشابه
Dynamic Policy Adaptation for Collaborative Groups
Dynamic collaborative peer groups generally have constantly changing application requirements and varied security requirements, and require a secure and reliable group communication. Self-organizing groups like f/oss motivate the need for dynamic multi-level access control. Currently there are some integrated solutions for secure group communication, but very few allow dynamic multi-level acces...
متن کاملOntology-Based Data Access with Dynamic TBoxes in DL-Lite
In this paper we introduce the notion of mapping-based knowledge base (MKB) to formalize the situation where both the extensional and the intensional level of the ontology are determined by suitable mappings to a set of (relational) data sources. This allows for making the intensional level of the ontology as dynamic as traditionally the extensional level is. To do so, we resort to the meta-mod...
متن کاملCAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
متن کاملA context-sensitive dynamic role-based access control model for pervasive computing environments
Resources and services are accessible in pervasive computing environments from anywhere and at any time. Also, due to ever-changing nature of such environments, the identity of users is unknown. However, users must be able to access the required resources based on their contexts. These and other similar complexities necessitate dynamic and context-aware access control models for such environmen...
متن کاملPrivacy Preserving Dynamic Access Control Model with Access Delegation for eHealth
eHealth is the concept of using the stored digital data to achieve clinical, educational, and administrative goals and meet the needs of patients, experts, and medical care providers. Expansion of the utilization of information technology and in particular, the Internet of Things (IoT) in eHealth, raises various challenges, where the most important one is security and access control. In this re...
متن کامل