|
 ABSTRACT
This work describes the access control system being implemented in INGRES (INteractive Graphics and REtrieval System). The scheme can be applied to any relational data base management system and has several advantages over other suggested schemes. These include: a) implementation easeb) small execution time overheadc) powerful and flexible controlsd) conceptual simplicityThe basic idea utilized is that a user interaction with the data base is modified to an alternate form which is guaranteed to have no access violations. This modification takes place in a high level interaction language. Hence, the processing of a resulting interaction can be accomplished with no further regard for protection. In particular, any procedure calls in the access paths for control purposes, such as in [1,2], are avoided.
REFERENCES
Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.
| |
1
|
Hoffman, L., "The Formulary Model for Access Control and Privacy," Stanford Linear Accelerator Center Report 117, May, 1970.
|
| |
2
|
"CODASYL Data Description Language," NBS Handbook 112, U. S. Dept. of Commerce, January, 1974.
|
| |
3
|
Browne, P. and Steinauer, D., "A Model for Access Control," Proc. 1971 ACM-SIGFIDET Workshop on Data Description, Access and Control, San Diego, Calif., November, 1971.
|
| |
4
|
Weissman, C., "Security Controls in the ADEPT-50 Time Sharing System," Proc. 1969 Fall Joint Computer Conference, November, 1969.
|
| |
5
|
Friedman, T., "The Authorization Problem in Shared Files," IBM Systems Journal, No. 4, 1970.
|
| |
6
|
McDonald, N., Stonebraker, M., and Wong, E., "Preliminary Specification of INGRES," Electronics Research Laboratory Report #435-436, University of California, Berkeley, California, May, 1974.
|
| |
7
|
Owens, R., "Evaluation of Access Authorization Characteristics of Derived Data Sets," Proc. 1971 SIGFIDET Workshop on Data Description, Access and Control, San Diego, California, November, 1971.
|
| |
8
|
Systems," Project MAC Report TR-89, M.I.T., Cambridge, Mass., July, 1971.
|
| |
9
|
Codd, E., "A Data Base Sublanguage Founded on the Relational Calculus," Proc. 1971 SIGFIDET Workshop on Data Description, Access and Control, San Diego, California, November, 1971.
|
| |
10
|
Boyce, R., et al., "Specifying Queries as Relational Expressions: SQUARE," IBM Technical Report RJ1291, IBM Research Laboratory, San Jose, California, October, 1973.
|
 |
11
|
|
| |
12
|
Codd, E., "Relational Completeness of Data Base Sublanguages," Courant Computer Science Symposium, Vol. 6, Data Base Systems, Prentice Hall, New York, May, 1971.
|
| |
13
|
|
| |
14
|
|
| |
15
|
|
| |
16
|
Boyce, R. and Chamberlin, D., "Using a Structured English Query Language as a Data Definition Facility,$" IBM Research Report No. RJ 1318, IBM Research Laboratory, San Jose, California, December, 1973.
|
| |
17
|
|
| |
18
|
Lampson, B., "Dynamic Protection Structures," Proc. 1969 Fall Joint Computer Conference, November 1969.
|
CITED BY 23
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Kristen LeFevre , Rakesh Agrawal , Vuk Ercegovac , Raghu Ramakrishnan , Yirong Xu , David DeWitt, Limiting disclosure in hippocratic databases, Proceedings of the Thirtieth international conference on Very large data bases, p.108-119, August 31-September 03, 2004, Toronto, Canada
|
|
|
|
|
|
Qihua Wang , Ting Yu , Ninghui Li , Jorge Lobo , Elisa Bertino , Keith Irwin , Ji-Won Byun, On the correctness criteria of fine-grained access control in relational databases, Proceedings of the 33rd international conference on Very large data bases, September 23-27, 2007, Vienna, Austria
|
|
|
|
|
|
|
|
|
|
|
Adobe Acrobat
QuickTime
Windows Media Player
Real Player
Pdf
H.2