Concurrency control and recovery in database systems
Concurrency control and recovery in database systems
Modular Concurrency Control and Failure Recovery
IEEE Transactions on Computers
Hybrid concurrency control for abstract data types
Journal of Computer and System Sciences
Semantics-based concurrency control: beyond commutativity
ACM Transactions on Database Systems (TODS)
Formal aspects of concurrency control in long-duration transaction systems using the NT/PV model
ACM Transactions on Database Systems (TODS)
Role-Based Access Control Models
Computer
Applying formal methods to semantic-based decomposition of transactions
ACM Transactions on Database Systems (TODS)
Constraints for role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Concurrency control: methods, performance, and analysis
ACM Computing Surveys (CSUR)
Conflict analysis for management policies
Proceedings of the fifth IFIP/IEEE international symposium on Integrated network management V : integrated management in a virtual world: integrated management in a virtual world
An access control model supporting periodicity constraints and temporal reasoning
ACM Transactions on Database Systems (TODS)
Using semantic knowledge for transaction processing in a distributed database
ACM Transactions on Database Systems (TODS)
Multilevel atomicity—a new correctness criterion for database concurrency control
ACM Transactions on Database Systems (TODS)
Enterprise information systems
Techniques for Supporting Dynamic and Adaptive Workflow
Computer Supported Cooperative Work
Use of an Experimental Policy Workbench: Description and Preliminary Results
Results of the IFIP WG 11.3 Workshop on Database Security V: Status and Prospects
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
A Flexible Method for Information System Security Policy Specification
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
Using Event Calculus to Formalise Policy Specification and Analysis
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Building reconfiguration primitives into the law of a system
ICCDS '96 Proceedings of the 3rd International Conference on Configurable Distributed Systems
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
An Adaptive Policy-Based Framework for Network Services Management
Journal of Network and Systems Management
Real-time update of access control policies
Data & Knowledge Engineering
Policy Conflict Analysis for Quality of Service Management
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Applying Semantic Knowledge to Real-Time Update of Access Control Policies
IEEE Transactions on Knowledge and Data Engineering
A Flexible Access Control Model for Distributed Collaborative Editors
SDM '09 Proceedings of the 6th VLDB Workshop on Secure Data Management
Optimistic access control for distributed collaborative editors
Proceedings of the 2011 ACM Symposium on Applied Computing
Hi-index | 0.00 |
Real-time update of access control policies, that is, updating policies while they are in effect and enforcing the changes immediately and automatically, is necessary for many dynamic environments. Examples of such environments include disaster relief and war zone. In such situations, system resources may need re-configuration or operational modes may change, necessitating a change of policies. For the system to continue functioning, the policies must be changed immediately and the modified policies automatically enforced. In this paper, we propose a solution to this problem-we consider real-time update of access control policies in the context of a database system. In our model, a database consists of a set of objects that are read and updated through transactions. Access to the data objects are controlled by access control policies which are stored in the form of policy objects. We consider an environment in which different kinds of transactions execute concurrently; some of these may be transactions updating policy objects. Updating policy objects while they are deployed can lead to potential security problems. We propose algorithms that not only prevent such security problems, but also ensure serializable execution of transactions. The algorithms differ on the degree of concurrency provided and the kinds of policies each can update.