Towards an authorization mechanism for user-role based security in an object-oriented design model

Author

Demurjian, S.A. ; Hu, M.-Y. ; Ting, T.C. ; Kleinman, D.

Author_Institution

Dept. of Comput. Sci. & Eng., Connecticut Univ., Storrs, CT, USA

fYear

1993

fDate

23-26 Mar 1993

Firstpage

195

Lastpage

202

Abstract

User-role based security (URBS) is a technique for characterizing database security that takes the responsibilities of individuals into consideration when determining the security requirements of an application. In previous work, the authors developed a set of techniques for defining and analyzing URBS for an application. They extend this work by considering an actual individual´s authorized access rights in an application, and by focusing on specifying, analyzing, and validating these rights. Inconsistencies and conflicts not identified when the roles were defined and analyzed, might become apparent when different roles are combined to represent the privileges for an individual. This study serves as a fundamental step toward supporting an authorization mechanism for URBS, thereby achieving management and control over all authorized accesses to an object-oriented database

Keywords

authorisation; object-oriented databases; security of data; authorization mechanism; authorized access rights; conflicts; database security; object-oriented database; object-oriented design model; user-role based security; Access control; Application software; Authorization; Computer security; Data security; Database systems; Information security; Object oriented databases; Object oriented modeling; Permission;

fLanguage

English

Publisher

ieee

Conference_Titel

Computers and Communications, 1993., Twelfth Annual International Phoenix Conference on

Conference_Location

Tempe, AZ

Print_ISBN

0-7803-0922-7

Type

conf

DOI

10.1109/PCCC.1993.344464

Filename

344464