Data model issues for object-oriented applications
ACM Transactions on Information Systems (TOIS)
OOPLSA '86 Conference proceedings on Object-oriented programming systems, languages and applications
The NTree: a two dimension partial order for protection groups
ACM Transactions on Computer Systems (TOCS)
O2, an object-oriented data model
SIGMOD '88 Proceedings of the 1988 ACM SIGMOD international conference on Management of data
Recognizing Immediacy in an N-Tree Hierarchy and its Application to Protection Groups
IEEE Transactions on Software Engineering
Object-oriented database systems: the next miles of the marathon
Information Systems - Knowledge engineering
Combining language and database advances in an object-oriented development environment
Readings in object-oriented database systems
A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
Role-based security: pros, cons, & some research directions
ACM SIGSAC Review
Computers and Security
The Role of Polymorphism in Schema Evolution in an Object-Oriented Database
IEEE Transactions on Knowledge and Data Engineering
Object-Oriented Databases: Definition and Research Directions
IEEE Transactions on Knowledge and Data Engineering
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
RBAC support in object-oriented role databases
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Role templates for content-based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
TRBAC: a temporal role-based access control model
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
Using NFS to Implement Role-Based Access Control
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
A Formal Model for Role-Based Access Control with Constraints
CSFW '96 Proceedings of the 9th IEEE workshop on Computer Security Foundations
| Hi-index | 0.00 |
In this paper we combined concepts of role-based protection and object oriented (O-O) databases to specify and enforce separation of duty as required for commercial database integrity [5, 23, 24]. Roles essentially partition database information into access contexts. Methods (from the O-O world) associated with a database object, also partition the object interface to provide windowed access to object information. By specifying that all database information is held in database objects and authorizing methods to roles, we achieve object interface distribution across roles. For processing in the commercial world we can design objects and distribute their associated methods to different roles. By authorizing different users to the different roles, we can enforce both the order of execution on the objects and separation of duty constraints on method execution.