Design for dynamic user-role-based security

Imtiaz Mohammed, David M. Dilts

Research output: Contribution to journalArticlepeer-review

19 Scopus citations


Preventing the disclosure, modification or destruction of information in a database has been the subject of considerable recent research (see, for example, [1-3]). While mandatory access control (MAC) assigns security clearance levels (e.g. top secret, secret) to all data for access control, discretionary access control (DAC) assigns privileges to users tailored to their responsibilities within an application. Both of these mechanisms have the fundamental limitation that they are unable to deal with the changing roles of a user (based on the occurrence of an event) within an application. As a result, user-role-based security (URBS) has been proposed [4, 5]. This paper demonstrates how URBS can be used to augment the existing security mechanisms. First the URBS concept, originally proposed for the object-oriented model, is extended to the relational model. Second, the extended model is augmented with the capability to respond to dynamic events. Finally, an integrated method is presented for the design of a dynamic, user-role-based security system.

Original languageEnglish (US)
Pages (from-to)661-671
Number of pages11
JournalComputers and Security
Issue number8
StatePublished - 1994
Externally publishedYes


  • Access control
  • Active database security
  • User-role-based security

ASJC Scopus subject areas

  • General Computer Science
  • Law


Dive into the research topics of 'Design for dynamic user-role-based security'. Together they form a unique fingerprint.

Cite this