An Implementation Design of a Fine-Grained Database Access Control Policy Consistency Checking Mechanism

Authors:
Bat-Odon Purevjii;Masayoshi Aritsugi;Sayaka Imai;Yoshinari Kanamori
Affiliations:
Department of Computer Science, Graduate School of Engineering, Gunma University, 1-5-1 Tenjin-cho, Kiryu, Gunma 376-8515, Japan;Computer Science and Electrical Engineering, Graduate School of Science and Technology, Kumamoto University, 2-39-1 Kurokami, Kumamoto 860-8555, Japan;Department of Computer Science, Graduate School of Engineering, Gunma University, 1-5-1 Tenjin-cho, Kiryu, Gunma 376-8515, Japan;Department of Computer Science, Graduate School of Engineering, Gunma University, 1-5-1 Tenjin-cho, Kiryu, Gunma 376-8515, Japan
Venue:
KES '07 Knowledge-Based Intelligent Information and Engineering Systems and the XVII Italian Workshop on Neural Networks on Proceedings of the 11th International Conference
Year:
2007

Citing 6
Cited 1

Principles of database and knowledge-base systems, Vol. I

Principles of database and knowledge-base systems, Vol. I
A unified framework for enforcing multiple access control policies

SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
An Access Authorization Model for Relational Databases Based on Algebraic Manipulation of View Definitions

Proceedings of the Fifth International Conference on Data Engineering
Supporting Multiple Access Control Policies in Database Systems

SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Extending query rewriting techniques for fine-grained access control

SIGMOD '04 Proceedings of the 2004 ACM SIGMOD international conference on Management of data
Protecting personal data with various granularities: a logic-based access control approach

CIS'05 Proceedings of the 2005 international conference on Computational Intelligence and Security - Volume Part II

Annotations on access controls in wikis: a proposal

Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services

Quantified Score

Hi-index	0.00

Visualization

Abstract

Policy consistency checker is an essential part of database access control systems. Realizing checking mechanisms for policy inconsistencies is a non-trivial task due to large amounts of rules and various kinds of rule patterns on fine-grained database objects and complicated interrelationships among those rules. We propose a novel rule-based mechanism for checking fine-grained access control policy inconsistencies for relational databases. In particular, we present necessary concepts and implementation design of the inconsistency checking mechanism. We specify policies, with conditions, on fine-grained objects through if-then authorization rules. We compute rule inconsistencies by employing the java-based open-source rule engine Jess.