A model for evaluation and administration of security in object-oriented databases

Author

Fernandez, Eduardo B. ; Gudes, Ehud ; Song, Haiyan

Author_Institution

Dept. of Comput. Sci. and Eng., Florida Atlantic Univ., Boca Raton, FL, USA

Volume

6

Issue

2

fYear

1994

fDate

4/1/1994 12:00:00 AM

Firstpage

275

Lastpage

292

Abstract

The integration of object-oriented programming concepts with databases is one of the most significant advances in the evolution of database systems. Many aspects of such a combination have been studied, but there are few models to provide security for this richly structured information. We develop an authorization model for object-oriented databases. This model consists of a set of policies, a structure for authorization rules, and algorithms to evaluate access requests against the authorization rules. User access policies are based on the concept of inherited authorization applied along the class structure hierarchy. We propose also a set of administrative policies that allow the control of user access and its decentralization. Finally, we study the effect of class structuring changes on authorization

Keywords

authorisation; database theory; object-oriented databases; access requests; administrative policies; authorization model; authorization rule structure; class structure hierarchy; class structuring changes; database security; decentralization; inherited authorization; object-oriented databases; object-oriented programming concepts; security administration; security evaluation; user access policies; Authorization; Data security; Database systems; Encapsulation; Helium; Information security; Object oriented databases; Object oriented modeling; Object oriented programming; Relational databases;

fLanguage

English

Journal_Title

Knowledge and Data Engineering, IEEE Transactions on

Publisher

ieee

ISSN

1041-4347

Type

jour

DOI

10.1109/69.277771

Filename

277771