As organizations depend on information systems, possibly distributed, for operational, decisional and strategic activities, they are vulnerable to security breaches leading to data theft and unauthorized disclosures even as they gain productivity and efficiency advantages. Though several techniques, such as encryption and digital signatures, are available to protect data when transmitted across sites, a truly comprehensive approach to data protection must include mechanisms for enforcing access control policies based on data contents, subject qualifications and characteristics, and other relevant contextual information, such as time. It is well understood today that the semantics of data must be taken into account in order to specify effective access control policies. To address such requirements, the database security research community has over the years developed a number of access control techniques and mechanisms that are specific to database systems. In this monograph, we present a comprehensive survey of the state of the art in models, systems and approaches proposed for specifying and enforcing access control policies in database management systems. In addition to surveying the foundational work in the area of access control for database systems, we present extensive case studies covering advanced features of current database management systems, such as the support for fine-grained and context-based access control, the support for mandatory access control, and approaches for protecting the data from insider threats. The monograph also covers novel approaches, based on cryptographic techniques, to enforce access control, and surveys access control models for object databases and XML data. For the reader not familiar with basic notions concerning access control and cryptography, we include a tutorial presentation on these notions.
Finally, the monograph concludes with a discussion of current challenges for database access control and security, and of preliminary approaches addressing some of these challenges.