Views for Multilevel Database Security
IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Security and inference in multilevel database and knowledge-base systems
SIGMOD '87 Proceedings of the 1987 ACM SIGMOD international conference on Management of data
Resolving the tension between integrity and security using a theorem prover
SIGMOD '88 Proceedings of the 1988 ACM SIGMOD international conference on Management of data
Integrity versus security in multi-level secure databases
on Database Security: Status and Prospects
IEEE Transactions on Software Engineering
A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
Toward a multilevel secure relational data model
SIGMOD '91 Proceedings of the 1991 ACM SIGMOD international conference on Management of data
SIGMOD '91 Proceedings of the 1991 ACM SIGMOD international conference on Management of data
AERIE: an inference modeling and detection approach for databases
Results of the Sixth Working Conference of IFIP Working Group 11.3 on Database Security on Database security, VI : status and prospects: status and prospects
A polymorphic calculus for views and object sharing (extended abstract)
PODS '94 Proceedings of the thirteenth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems
Secure databases: protection against user influence
ACM Transactions on Database Systems (TODS)
The tracker: a threat to statistical database security
ACM Transactions on Database Systems (TODS)
Security in statistical databases for queries with small counts
ACM Transactions on Database Systems (TODS)
A model of statistical database their security
ACM Transactions on Database Systems (TODS)
A security machanism for statistical database
ACM Transactions on Database Systems (TODS)
Certification of programs for secure information flow
Communications of the ACM
A lattice model of secure information flow
Communications of the ACM
Database Security and Integrity
Database Security and Integrity
Controlling FD and MVD Inferences in Multilevel Relational Database Systems
IEEE Transactions on Knowledge and Data Engineering
Supporting Access Control in an Object-Oriented Database Language
EDBT '92 Proceedings of the 3rd International Conference on Extending Database Technology: Advances in Database Technology
Schema Virtualization in Object-Oriented Databases
Proceedings of the Fourth International Conference on Data Engineering
Inference-Security Analysis Using Resolution Theorem-Proving
Proceedings of the Fifth International Conference on Data Engineering
Object Views: Extending the Vision
Proceedings of the Sixth International Conference on Data Engineering
Data Hiding and Security in Object-Oriented Databases
Proceedings of the Eighth International Conference on Data Engineering
Multiview: A Methodology for Supporting Multiple Views in Object-Oriented Databases
VLDB '92 Proceedings of the 18th International Conference on Very Large Data Bases
A Model of Methods Access Authorization in Object-oriented Databases
VLDB '93 Proceedings of the 19th International Conference on Very Large Data Bases
Detection and Elimination of Inference Channels in Multilevel Relational Database Systems
SP '93 Proceedings of the 1993 IEEE Symposium on Security and Privacy
Inference Channel-Free Integrity Constraints in Multilevel Relational Databases
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Security against Inference Attacks on Negative Information in Object-Oriented Databases
ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
Journal of Computer and System Sciences
ACS'07 Proceedings of the 7th Conference on 7th WSEAS International Conference on Applied Computer Science - Volume 7
Hi-index | 0.00 |
Access control in function granularity is one of the features of many object-oriented databases. In those systems, the users are granted rights to invoke composed functions instead of rights to invoke primitive operations. Although primitive operations are invoked inside composed functions, the users can invoke them only through the granted functions. This achieves access control in abstract operation level. Access control utilizing encapsulated functions, however, easily causes many "security flaws" through which malicious users can bypass the encapsulation and can abuse the primitive operations inside the functions. In this paper, we develop a technique to statically detect such security flaws. First, we design a framework to describe security requirements that should be satisfied. Then, we develop an algorithm that syntactically analyzes program code of the functions and determines whether given security requirements are satisfied or not. This algorithm is sound, that is, whenever there is a security flaw, it detects it.