Authorization and Revocation in Object-Oriented Databases

Ivo Majetic; Ernst L. Leiss

doi:10.1109/69.617060

Publication
1997
Issue No. 4 - July-August
Abstract - Authorization and Revocation in Object-Oriented Databases

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Ivo Majetic Articles by Ernst L. Leiss

Authorization and Revocation in Object-Oriented Databases

July-August 1997 (vol. 9 no. 4)

pp. 668-672

	ASCII Text	x
	Ivo Majetic, Ernst L. Leiss, "Authorization and Revocation in Object-Oriented Databases," IEEE Transactions on Knowledge and Data Engineering, vol. 9, no. 4, pp. 668-672, July-August, 1997.

	BibTex	x
	@article{ 10.1109/69.617060, author = {Ivo Majetic and Ernst L. Leiss}, title = {Authorization and Revocation in Object-Oriented Databases}, journal ={IEEE Transactions on Knowledge and Data Engineering}, volume = {9}, number = {4}, issn = {1041-4347}, year = {1997}, pages = {668-672}, doi = {http://doi.ieeecomputersociety.org/10.1109/69.617060}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - JOUR JO - IEEE Transactions on Knowledge and Data Engineering TI - Authorization and Revocation in Object-Oriented Databases IS - 4 SN - 1041-4347 SP668 EP672 EPD - 668-672 A1 - Ivo Majetic, A1 - Ernst L. Leiss, PY - 1997 KW - Object-oriented systems KW - inheritance KW - granting KW - revoking KW - bounded propagation of privileges. VL - 9 JA - IEEE Transactions on Knowledge and Data Engineering ER -

Ivo Majetic

Ernst L. Leiss

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/69.617060

Abstract—Few studies of object-oriented databases deal with their security, a fundamental aspect of systems with complex data structures. Most authorization systems give users who own resources only some basic control over them; here, we provide users with more direct control over their resources by associating with each grant propagation numbers. Propagation numbers govern the grantability and exercisability of the privileges. Of particular interest in our study of authorization in an o-o environment is the combination of inheritance and granting of privileges. Diverse policies are discussed and implemented in a test-bed system.

[1] B.J. Cox, Object Oriented Programming: An Evolutionary Approach.Reading, Mass.: Addison-Wesley, 1986.
[2] R. Fagin, "On an Authorization Mechanism," ACM ToDS, vol. 3, no. 3, Sept. 1978.
[3] E.B. Fernandez, R.C. Summers, and C. Wood, "Databases Security and Integrity," System Programming Series.Reading, Mass.: Addison-Wesley, 1981.
[4] E.B. Fernandez, E. Gudes, and H. Song, "A Security Model for Object-Oriented Databases," Proc. IEEE Symp. Research in Security and Privacy,Oakland, Calif., pp. 110-115, 1989.
[5] E.B. Fernandez, E. Gudes, and H. Song, "A Model of Evaluation and Administration of Security in Object-Oriented Databases," IEEE Trans. Knowledge and Data Eng., vol. 6, no. 2, pp. 275-292, Apr. 1994.
[6] E. Gudes, H. Song, and E.B. Fernandez, Evaluation of Authorization in Object-Oriented and Semantic Database, IFIP, Helsinki, 1990.
[7] E. Gudes, H. Song, and E.B. Fernandez, "Evaluation of Negative, Predicate, and Instance-Based Authorization in Object-Oriented Database," Database Security, IV: Status and Prospects, IFIP, 1991.
[8] J. Hughes, Object-Oriented Databases, Prentice Hall, Englewood Cliffs, N.J., 1991.
[9] A.R. Hurson and S.H. Pakzad, "Object-Oriented Database Management Systems: Evolution and Performance Issues," Computer, vol. 26, no. 2, pp. 48-60, Feb. 1993.
[10] M.M. Larrondo-Petrie, E. Gudes, H. Song, and E.B. Fernandez, "Security Policies in Object-Oriented Databases," Database Security, III: Status and Prospects, IFIP, pp. 257-268, 1990.
[11] E.L. Leiss, "Classes of Authorization Systems with Bounded Propagation," Second Int'l Conf. Computer Science,Santiago, Chile, Aug. 1982.
[12] E.L. Leiss, "Grantor-Controlled Administration of Privileges in Database System," Dept. of Computer Science, Univ. of Houston, 1982.
[13] E.L. Leiss, Principles of Data Security.New York: Plenum, 1982.
[14] E.L. Leiss, "On Authorization Systems with Grantor-Controlled Propagation of Privileges," Proc. 26th IEEE Computer Society Int'l Conf.,San Francisco, Mar. 1983.
[15] E.L. Leiss and C. Jitmedha, "Horizontally and Vertically Bounded Propagation of Privileges," Information Processing Letters, vol. 22, pp. 319-327, 1986.
[16] I. Majetic, "Authorization and Revocation in Object-Oriented Databases," MS thesis, Dept. of Computer Science, Univ. of Houston, 1994.
[17] C.L. Chang, R.A. Stachowitz, and J.B. Combs, “Validation of Nonmonotonic Knowledge-Based Systems,” Proc. IEEE Int'l Conf. Tools for Artificial Intelligence, Nov. 1990.
[18] R. Winder, Developing C++ Software.Chichester, U.K.: John Wiley&Sons, 1991.

Index Terms:

Object-oriented systems, inheritance, granting, revoking, bounded propagation of privileges.

Citation:

Ivo Majetic, Ernst L. Leiss, "Authorization and Revocation in Object-Oriented Databases," IEEE Transactions on Knowledge and Data Engineering, vol. 9, no. 4, pp. 668-672, July-Aug. 1997, doi:10.1109/69.617060

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.