The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.01 - January-February (1997 vol.9)
pp: 85-101
ABSTRACT
<p><b>Abstract</b>—We propose two extensions to the authorization model for relational databases defined originally by Griffiths and Wade. The first extension concerns a new type of revoke operation, called <it>noncascading</it> revoke operation. The original model contains a single, <it>cascading</it> revoke operation, meaning that when a privilege is revoked from a user, a recursive revocation takes place that deletes all authorizations granted by this user that do not have other supporting authorizations. The new type of revocation avoids the recursive revocation of authorizations. The second extension concerns <it>negative</it> authorization which permits specification of explicit denial for a user to access an object under a particular mode. We also address the management of views and groups with respect to the proposed extensions.</p>
INDEX TERMS
Database systems, relational database, access control, authorization, security, protection, privacy, revocation of authorizations.
CITATION
Elisa Bertino, Pierangela Samarati, Sushil Jajodia, "An Extended Authorization Model for Relational Databases", IEEE Transactions on Knowledge & Data Engineering, vol.9, no. 1, pp. 85-101, January-February 1997, doi:10.1109/69.567051
37 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool