首页> 外文会议>Association for Computing Machinery Conference on Computer and Communications Security >A Formal Framework for Reflective Database Access Control Policies

【24h】

A Formal Framework for Reflective Database Access Control Policies

机译：反思数据库访问控制策略的正式框架

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Reflective Database Access Control (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege contained in an access control list. RDBAC aids the management of database access controls by improving the expressiveness of policies. However, such policies introduce new interactions between data managed by different users, and can lead to unexpected results if not carefully written and analyzed. We propose the use of Transaction Datalog as a formal framework for expressing reflective access control policies. We demonstrate how it provides a basis for analyzing certain types of policies and enables secure implementations that can guarantee that configurations built on these policies cannot be subverted.

机译：反射数据库访问控制（RDBAC）是数据库权限表示为数据库查询本身的模型，而不是作为访问控制列表中包含的静态权限。 RDBAC通过提高政策的表现力来帮助管理数据库访问控制。但是，此类策略在由不同用户管理的数据之间引入新的交互，并且如果未仔细编写和分析，可能会导致意外结果。我们建议使用事务数据日作为表达反思访问控制策略的正式框架。我们演示了它如何为分析某些类型的策略提供基础，并实现安全实现，可以保证无法颠覆在这些策略上构建的配置。

著录项

来源
《Association for Computing Machinery Conference on Computer and Communications Security 》|2008年||共10页
会议地点
作者
Lars E. Olson; Carl A. Gunter; P. Madhusudan;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类 TP309-53;
关键词
Reflective database access control; Fine-grained access control; Transaction datalog; Formal safety verification;

机译：反射数据库访问控制;细粒度访问控制;事务数据记录;正式安全验证;

相似文献

外文文献
中文文献
专利

1. Managing attribute-based access control policies in a unified framework using data warehousing and in-memory database [J] . Singh Mahendra Pratap, Sural Shamik, Vaidya Jaideep, Computers & Security . 2019 ,第Sepa期

机译：使用数据仓库和内存数据库在统一框架中管理基于属性的访问控制策略
2. Managing attribute-based access control policies in a unified framework using data warehousing and in-memory database [J] . Singh Mahendra Pratap, Sural Shamik, Vaidya Jaideep, Computers & Security . 2019 ,第SEPa期

机译：使用数据仓库和内存数据库在统一框架中管理基于属性的访问控制策略
3. A relational database integrity framework for access control policies [J] . Romuald Thion, Stephane Coulondre Journal of Intelligent Information Systems . 2012 ,第1期

机译：用于访问控制策略的关系数据库完整性框架
4. A formal framework for reflective database access control policies [C] . Lars E. Olson, Carl A. Gunter, P. Madhusudan ACM conference on Computer and communications security . 2008

机译：反射型数据库访问控制策略的正式框架
5. Reflective database access control. [D] . Olson, Lars E. 2009

机译：反射式数据库访问控制。
6. Perspectives of policy and political decision makers on access to formal dementia care: expert interviews in eight European countries [O] . Anja Broda, Anja Bieber, Gabriele Meyer, 2017

机译：政策和政治决策者对获得正规痴呆治疗的看法：八个欧洲国家的专家访谈
7. A formal framework for reflective database access control policies [O] . Lars E. Olson, Carl A. Gunter, P. Madhusudan 2008

机译：反射数据库访问控制策略的正式框架

A Formal Framework for Reflective Database Access Control Policies

摘要

著录项

相似文献

相关主题

期刊订阅