Reflective Database Access Control (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege in an access control matrix. RDBAC aids the management of database access controls by improving the expressiveness of policies, enabling enforcement at the database level rather than at the application level. This in turn facilitates the creation of new applications without the need for duplicating security enforcement in each application. Past work has proposed the use of the Transaction Datalog (TD) language as a theoretical basis for RDBAC. We present a case study for a medical database using TD. This case study includes a wide range of access patterns for which RDBAC provides a simple method for formulating policies, demonstrating the flexibility of RDBAC as well as the practicality and scalability of using such a system in real-world applications that require non-trivial policy definitions on large data sets.
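A small illustration of the reflective idea, added here and not taken from the paper: the privilege to read a patient record is a query over the database's own tables, shown beside a static access-matrix check. It uses SQLite rather than Transaction Datalog, and the schema (`records`, `treats`, `acl`) and all names are constructed for the example.

```python
import sqlite3

# Constructed schema and data (assumption, not the paper's case study).
SCHEMA = """
CREATE TABLE records(patient TEXT, note TEXT);
CREATE TABLE treats(doctor TEXT, patient TEXT);
CREATE TABLE acl(user TEXT, patient TEXT);      -- static access matrix
INSERT INTO records VALUES ('alice','asthma'), ('bob','fracture');
INSERT INTO treats  VALUES ('dr_kim','alice');
INSERT INTO acl     VALUES ('dr_kim','alice');  -- granted by hand
"""

# Static model: access is whatever was written into the matrix.
STATIC = """
SELECT r.patient, r.note FROM records r
JOIN acl a ON a.patient = r.patient
WHERE a.user = :user ORDER BY r.patient
"""

# Reflective model: the privilege is itself a query over current data.
# A user may read a record if they are the patient or currently treat them.
REFLECTIVE = """
SELECT r.patient, r.note FROM records r
WHERE r.patient = :user
   OR EXISTS (SELECT 1 FROM treats t
              WHERE t.doctor = :user AND t.patient = r.patient)
ORDER BY r.patient
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def visible_records(db, user, policy=REFLECTIVE):
    """Return the rows `user` may read under the given policy query."""
    return db.execute(policy, {"user": user}).fetchall()

if __name__ == "__main__":
    db = open_db()
    print("before:", visible_records(db, "dr_kim"))
    # The treatment relationship ends; no separate revoke step is run.
    db.execute("DELETE FROM treats WHERE doctor = 'dr_kim'")
    print("reflective:", visible_records(db, "dr_kim"))
    print("static    :", visible_records(db, "dr_kim", STATIC))
```

Because the policy lives in the database, every application that queries through it gets the same decision, and the static matrix keeps its grant until someone remembers to revoke it.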