The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

On The Correctness Criteria of Fine-Grained Access Control in Relational Databases

Download

Download PDF Document
PDF

Author

Qihua Wang, Ting Yu, Ninghui Li, Jorge Lobo, Elisa Bertino, Keith Irwin, Ji-Won Byun

Tech report number

CERIAS TR 2006-28

Entry type

article

Abstract

Databases are increasingly being used to store information covered by heterogeneous policies, which require support for access control with great flexibility. It has been well recognized that traditional database-level or table-level access control is insufficient to meet this requirement. This has led to increased interest in using fine-grained access control, which may be extended down to such levels where different cells in a relation may be governed by different access control rules. Though several works have been done to support fine-grained access control, there is no formal notion of correctness with regards to the results of queries to such databases. In this paper, we describe a formal notion of correctness in fine-grained database access control, and discuss why existing approaches fall short in at least some circumstances. We then propose a query evaluation algorithm which better supports fine-grained access control.

Download

PDF

Key alpha

access control

Publication Date

2001-01-01

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.