The role graph model and conflict of interest
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Role-based authorization constraints specification
ACM Transactions on Information and System Security (TISSEC)
Database System Concepts
Lattice-Based Access Control Models
Computer
Database Security Integration using Role-Based Access Control
Proceedings of the IFIP TC11/ WG11.3 Fourteenth Annual Working Conference on Database Security: Data and Application Security, Development and Directions
Role Hierarchies and Constraints for Lattice-Based Access Controls
ESORICS '96 Proceedings of the 4th European Symposium on Research in Computer Security: Computer Security
Efficient management of very large ontologies
AAAI'97/IAAI'97 Proceedings of the fourteenth national conference on artificial intelligence and ninth conference on Innovative applications of artificial intelligence
| Hi-index | 0.00 |
Whenever a shared database resource, containing critical patient data, is created, protecting the contents of the database is a high priority goal. This goal can be achieved by developing a Query-By-Example (QBE) interface, designed to access a shared database, and embedding within the QBE a hierarchical security module that limits access to the data. The security module ensures that researchers working in one clinic do not get access to data from another clinic. The security can be based on a flexible taxonomy structure that allows ordinary users to access data from individual clinics and super users to access data from all clinics [1]. All researchers submit queries through the same interface and the security module processes the taxonomy and user identifiers to limit access. Using this system, two different users with different access rights can submit the same query and get different results thus reducing the need to create different interfaces for different clinics and access rights.