Detection of access control flaws in a distributed database system with local site autonomy

Authors:
Yaowadee Temtanapat;David L. Spooner
Affiliations:
Department of Computer Science, Rensselaer Polytechnic Institute, Troy, NY;Department of Computer Science, Rensselaer Polytechnic Institute, Troy, NY
Venue:
IDEAS'97 Proceedings of the 1997 international conference on International database engineering and applications symposium
Year:
1997

Citing 8
Cited 0

ACTEN: A conceptual model for security systems design

Computers and Security
A model of authorization for next-generation database systems

ACM Transactions on Database Systems (TODS)
A Linear Time Algorithm for Deciding Subject Security

Journal of the ACM (JACM)
The Design and Analysis of Computer Algorithms

The Design and Analysis of Computer Algorithms
A Model for Evaluation and Administration of Security in Object-Oriented Databases

IEEE Transactions on Knowledge and Data Engineering
User Group Structures in Object-Oriented Database Authorization

Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
Access Rights Administration in Role-Based Security Systems

Proceedings of the IFIP WG11.3 Working Conference on Database Security VII
The Complexity and Composability of Secure Interoperation

SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper addresses the authorization of access privileges to users in a local database management system (DBMS) that is interoperating in a distributed database system (DDBMS). Our focus is on the potential an a next generation security system for delegation access concepts such as role hierarchy delegation to violate the security policy in a local database system that is part of the distributed system. This kind of violation can be categorized as a violation of local autonomy. We propose a labeled graph model to detect such a problem.