A Formal Implementation of Database Security
Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 33090
A Formal Implementation of Database Security

Authors: Yun Bai

Abstract:

This paper is to investigate the impplementation of security mechanism in object oriented database system. Formal methods plays an essential role in computer security due to its powerful expressiveness and concise syntax and semantics. In this paper, both issues of specification and implementation in database security environment will be considered; and the database security is achieved through the development of an efficient implementation of the specification without compromising its originality and expressiveness.

Keywords: database security, authorization policy, logic basedspecification

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1333148

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1717

References:


[1] E. Bertino, F. Buccafurri, E. Ferrari and P. Rullo, "A Logic-based Approach for Enforcing Access Control". Computer Security, vol.8, No.2- 2, pp109-140, 2000.
[2] E. Bertino, B. Catania, E. Ferrari and P. Perlasca, "A Logical Framework for Reasoning about Access Control Models". ACM Transactions on Information and System Security, Vol.6, No.1, pp71-127, 2003.
[3] C. Bettini, S. Jajodia, X. S. Wang and D. Wijesekera, "Provisions and Obligations in Policy Management and Security Applications". Proceedings of the Very Large Database Conference, pp502-513, 2002.
[4] S. Jajodia, P. Samarati, M.L. Sapino and V.S. Subrahmanian, "Flexible Support for Multiple Access Control Policies". ACM Transactions on Database Systems, Vol.29, No.2, pp214-260, 2001.
[5] N. Li, B. Grosof and J. Feigenbaum, "Delegation Logic: A Logicbased Approach to Distributed Authorization". ACM Transactions on Information and System Security, Vol.6, No.1, pp128-171, 2003.
[6] L. Wang, D. Wijesekera and S. Jajodia, "A logic-based framework for attribute based access control," Proceedings of the ACM Workshop on Formal Methods in Security Engineering, pp45-55, 2004.
[7] T.Y.C. Woo and S.S. Lam, "Authorization in Distributed systems: A Formal Approach". Proceedings of IEEE Symposium on Research in Security and Privacy, pp33-50, 1992.