Principles of database and knowledge-base systems, Vol. I
Principles of database and knowledge-base systems, Vol. I
Data functions, datalog and negation
SIGMOD '88 Proceedings of the 1988 ACM SIGMOD international conference on Management of data
Efficient Database Access from Prolog
IEEE Transactions on Software Engineering
A method for specializing logic programs
ACM Transactions on Programming Languages and Systems (TOPLAS)
Static Analysis of Logical Languages with Deferred Update Semantics
IEEE Transactions on Knowledge and Data Engineering
Translation and Optimization of Logic Queries: The Algebraic Approach
VLDB '86 Proceedings of the 12th International Conference on Very Large Data Bases
Redundancy and information leakage in fine-grained access control
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
A formal framework for reflective database access control policies
Proceedings of the 15th ACM conference on Computer and communications security
CodeQuest: scalable source code queries with datalog
ECOOP'06 Proceedings of the 20th European conference on Object-Oriented Programming
Proceedings of the Fourteenth International Database Engineering & Applications Symposium
Inheriting access control rules from large relational databases to materialized views automatically
KES'10 Proceedings of the 14th international conference on Knowledge-based and intelligent information and engineering systems: Part III
MyABDAC: compiling XACML policies for attribute-based database access control
Proceedings of the first ACM conference on Data and application security and privacy
Hi-index | 0.00 |
Reflective Database Access Control (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege in an access control matrix. RDBAC aids the management of database access controls by improving the expressiveness of policies. The Transaction Datalog language provides a powerful syntax and semantics for expressing RDBAC policies, however there is no efficient implementation of this language for practical database systems. We demonstrate a strategy for compiling policies in Transaction Datalog into standard SQL views that enforce the policies, including overcoming significant differences in semantics between the languages in handling side-effects and evaluation order. We also report the results of evaluating the performance of these views compared to policies enforced by access control matrices. This implementation demonstrates the practical feasibility of RDBAC, and suggests a rich field of further research.