Supporting multiple access control policies in database systems

2002 ◽  
Author(s):  
E. Bertino ◽  
S. Jajodia ◽  
P. Samarati
Keyword(s):  
Access Control ◽  
Multiple Access ◽  
Database Systems ◽  
Multiple Access Control ◽  
Control Policies ◽  
Access Control Policies

A Flexible Authorization Framework

2004 ◽  
pp. 149-176
Author(s):  
Duminda Wijesekera ◽  
Sushil Jajodia
Keyword(s):  
Access Control ◽  
Multiple Access ◽  
Rule Base ◽  
Multiple Access Control ◽  
Control Policies ◽  
Workflow Systems ◽  
Access Control Policies ◽  
New Challenges

Advances in application areas such as Internet-based transactions, cooperating coalitions, and workflow systems have brought new challenges to access control. In order to meet the diverse needs of emerging applications, it has become necessary to support multiple access control policies in one security domain. This chapter describes an authorization framework, referred to as the Flexible Authorization Framework (FAF), which is capable of doing so. FAF is a logic-based framework in which authorizations are specified in terms of a locally stratified rule base. FAF allows permissions and prohibitions to be included in its specification. FAF specifications can be changed by deleting and inserting its rules. We also describe FAF’s latest additions, such as revoking granted permissions, provisional authorizations, and obligations.

A unified framework for enforcing multiple access control policies

1997 ◽  
Vol 26 (2) ◽  
pp. 474-485 ◽  
Author(s):  
Sushil Jajodia ◽  
Pierangela Samarati ◽  
V. S. Subrahmanian ◽  
Eliza Bertino
Keyword(s):  
Access Control ◽  
Multiple Access ◽  
Unified Framework ◽  
Multiple Access Control ◽  
Control Policies ◽  
Access Control Policies

A Flexible Authorization Framework

2008 ◽  
pp. 1236-1256
Author(s):  
Duminda Wijesekera ◽  
Sushil Jajodia
Keyword(s):  
Access Control ◽  
Multiple Access ◽  
Rule Base ◽  
Multiple Access Control ◽  
Control Policies ◽  
Workflow Systems ◽  
Access Control Policies ◽  
New Challenges

Advances in application areas such as Internet-based transactions, cooperating coalitions, and workflow systems have brought new challenges to access control. In order to meet the diverse needs of emerging applications, it has become necessary to support multiple access control policies in one security domain. This chapter describes an authorization framework, referred to as the Flexible Authorization Framework (FAF), which is capable of doing so. FAF is a logic-based framework in which authorizations are specified in terms of a locally stratified rule base. FAF allows permissions and prohibitions to be included in its specification. FAF specifications can be changed by deleting and inserting its rules. We also describe FAF’s latest additions, such as revoking granted permissions, provisional authorizations, and obligations.

Flexible support for multiple access control policies

2001 ◽  
Vol 26 (2) ◽  
pp. 214-260 ◽  
Author(s):  
Sushil Jajodia ◽  
Pierangela Samarati ◽  
Maria Luisa Sapino ◽  
V. S. Subrahmanian
Keyword(s):  
Access Control ◽  
Multiple Access ◽  
Multiple Access Control ◽  
Control Policies ◽  
Flexible Support ◽  
Access Control Policies

scholarly journals A Survey of Access Control and Data Encryption for Database Security

2017 ◽  
Vol 28 (1) ◽  
pp. 19-30 ◽  
Author(s):  
Emad F. Khalaf Emad F. Khalaf
Keyword(s):  
Access Control ◽  
Database Systems ◽  
Database Security ◽  
Data Encryption ◽  
Security Threats ◽  
Control Policies ◽  
Vast Amount ◽  
Access Control Policies

With the vast amount of data generated nowadays, organizing and managing of these data are very important to allow the users to access, retrieve, and update their data by using database systems (DBS). Most of the current organizations use DBS to increase the efficiency and the productivity of their organizations, but the security threats are becoming more dangerous to the DB. So, protection of data by keeping it integrated and secured from any undesirable intrusion became the highest priority for these organizations. DB security provides various techniques to protect data from any threats. This paper discusses two techniques used in the DB field to achieve integrity and confidentiality of the data, by using access control policies and data encryption.

Sign in / Sign up

Export Citation Format

Share Document