Abstract
Preventing the disclosure, modification or destruction of information in a database has been the subject of considerable recent research (see, for example, [1-3]). While mandatory access control (MAC) assigns security clearance levels (e.g. top secret, secret) to all data for access control, discretionary access control (DAC) assigns privileges to users tailored to their responsibilities within an application. Both of these mechanisms have the fundamental limitation that they are unable to deal with the changing roles of a user (based on the occurrence of an event) within an application. As a result, user-role-based security (URBS) has been proposed [4, 5]. This paper demonstrates how URBS can be used to augment the existing security mechanisms. First the URBS concept, originally proposed for the object-oriented model, is extended to the relational model. Second, the extended model is augmented with the capability to respond to dynamic events. Finally, an integrated method is presented for the design of a dynamic, user-role-based security system.
| Original language | English (US) |
|---|---|
| Pages (from-to) | 661-671 |
| Number of pages | 11 |
| Journal | Computers and Security |
| Volume | 13 |
| Issue number | 8 |
| DOIs | |
| State | Published - 1994 |
| Externally published | Yes |
Keywords
- Access control
- Active database security
- User-role-based security
ASJC Scopus subject areas
- General Computer Science
- Law