Title :
Using Criterion-Based Access Control for Multilevel Database Security
Author_Institution :
Dept. of Comput. Inf. Technol., Purdue Univ. Calumet, Hammond, IN
Abstract :
This paper presents a novel criterion-based access control approach to deal with multilevel database security. In this approach, authorization rules are transformed to security criteria, security criterion expressions, and security criterion subsets. Security criterion expressions are associated with (sub) objects to serve as locks, and security criteria are associated with users to serve as keys. The fine-grained multilevel access control is achieved by using the available security criteria (keys) to evaluate the security criterion expressions (locks). Whether an (sub) object such as a cell, a row, a column, or a table is accessible to a user depends on the evaluation values of the relevant security criterion expressions.
Keywords :
authorisation; database management systems; authorization rules; criterion-based access control; multilevel database security; security criteria; Access control; Data security; Databases; Decision support systems; Electronic commerce;
Conference_Titel :
Electronic Commerce and Security, 2008 International Symposium on
Conference_Location :
Guangzhou City
Print_ISBN :
978-0-7695-3258-5
DOI :
10.1109/ISECS.2008.198
