Journal of the ACM (JACM)
Update and retrieval in a relational database through a universal schema interface
ACM Transactions on Database Systems (TODS)
Integrating security in a large distributed system
ACM Transactions on Computer Systems (TOCS)
View updates in relational databases with an independent scheme
ACM Transactions on Database Systems (TODS)
A model of authorization for next-generation database systems
ACM Transactions on Database Systems (TODS)
A temporal authorization model
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Update semantics of relational views
ACM Transactions on Database Systems (TODS)
ACM Transactions on Database Systems (TODS)
System R: relational approach to database management
ACM Transactions on Database Systems (TODS)
An authorization mechanism for a relational database system
ACM Transactions on Database Systems (TODS)
A history and evaluation of System R
Communications of the ACM
Views and Security in Distributed Database Management Systems
EDBT '88 Proceedings of the International Conference on Extending Database Technology: Advances in Database Technology
A Model of Methods Access Authorization in Object-oriented Databases
VLDB '93 Proceedings of the 19th International Conference on Very Large Data Bases
A non-timestamped authorization model for data management systems
CCS '96 Proceedings of the 3rd ACM conference on Computer and communications security
A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A flexible authorization mechanism for relational data management systems
ACM Transactions on Information Systems (TOIS)
An access control model for video database systems
Proceedings of the ninth international conference on Information and knowledge management
A logical framework for reasoning about access control models
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
A logical framework for reasoning about access control models
ACM Transactions on Information and System Security (TISSEC)
An Authorization Model for a Distributed Hypertext System
IEEE Transactions on Knowledge and Data Engineering
A Content-Based Authorization Model for Digital Libraries
IEEE Transactions on Knowledge and Data Engineering
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
CSFW '01 Proceedings of the 14th IEEE workshop on Computer Security Foundations
Video query processing in the VDBMS testbed for video database research
MMDB '03 Proceedings of the 1st ACM international workshop on Multimedia databases
The semantics of an extended referential integrity for a multilevel secure relational data model
Data & Knowledge Engineering
A compressed accessibility map for XML
ACM Transactions on Database Systems (TODS)
Database Security-Concepts, Approaches, and Challenges
IEEE Transactions on Dependable and Secure Computing
Integration and Efficient Lookup of Compressed XML Accessibility Maps
IEEE Transactions on Knowledge and Data Engineering
Proceedings of the 6th international conference on Mobile data management
A security model for full-text file system search in multi-user environments
FAST'05 Proceedings of the 4th conference on USENIX Conference on File and Storage Technologies - Volume 4
Fine-grained access control to web databases
Proceedings of the 12th ACM symposium on Access control models and technologies
Compressed accessibility map: efficient access control for XML
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
Towards the development of privacy-aware systems
Information and Software Technology
Specification and enforcement of flexible security policy for active cooperation
Information Sciences: an International Journal
Distributed and Parallel Databases
Answering queries based on imprecision and uncertainty trade-offs in numeric databases
SDM'07 Proceedings of the 4th VLDB conference on Secure data management
Privilege states based access control for fine-grained intrusion response
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Supporting multiple access control policies in database systems
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Users tracking and roles mining in web-based applications
Proceedings of the 2011 Joint EDBT/ICDT Ph.D. Workshop
Access Control for Databases: Concepts and Systems
Foundations and Trends in Databases
Role-Based delegation with negative authorization
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
An OWL-Based approach for RBAC with negative authorization
KSEM'06 Proceedings of the First international conference on Knowledge Science, Engineering and Management
Revocation of obligation and authorisation policy objects
DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security
Data protection in distributed database systems
ISMIS'05 Proceedings of the 15th international conference on Foundations of Intelligent Systems
Access rights – the keys to cooperative work/learning
MIS'04 Proceedings of the 2004 international conference on Metainformatics
SecTTS: A secure track & trace system for RFID-enabled supply chains
Computers in Industry
FENCE: continuous access control enforcement in dynamic data stream environments
Proceedings of the third ACM conference on Data and application security and privacy
Policy administration in tag-based authorization
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Role-based access control to outsourced data in cloud computing
ADC '13 Proceedings of the Twenty-Fourth Australasian Database Conference - Volume 137
| Hi-index | 0.00 |
We propose two extensions to the authorization model for relational databases defined originally by Griffiths and Wade. The first extension concerns a new type of revoke operation, called noncascading revoke operation. The original model contains a single, cascading revoke operation, meaning that when a privilege is revoked from a user, a recursive revocation takes place that deletes all authorizations granted by this user that do not have other supporting authorizations. The new type of revocation avoids the recursive revocation of authorizations. The second extension concerns negative authorization which permits specification of explicit denial for a user to access an object under a particular mode. We also address the management of views and groups with respect to the proposed extensions.