Issue No.04 - July (1979 vol.5)
D.K. Hsiao , Department of Computer and Information Science, The Ohio State University
Data items in a database are semantically related. Thus, the access control mechanism of a database system must be concerned with the possibility that access to one item may violate a denied access to another item. This study concentrates on two basic semantic relations for protection requirements. By utilizing a graph-theoretic approach, some of the fundamental properties of the protection relations can be readily identified. These properties can then be used as a basis for understanding more general context dependent protection requirements. Two fundamental properties of the two protection relations are found. The first property addresses the question: given a database with a set of protection relations, is it possible to find a maximal subset of the database such that access to one item of the subset will not lead to any violation of a denied access to another item? The second property addresses the question: given a database with a set of protection relations, is it possible to find a sequence of accesses such that the protection requirement is enforced with no violation?
graph-theoretic approach, Access control, context protection, security
D.K. Hsiao, D.S. Kerr, null Chen-Jen Nee, "Database Access Control in the Presence of Context Dependent Protection Requirements", IEEE Transactions on Software Engineering, vol.5, no. 4, pp. 349-358, July 1979, doi:10.1109/TSE.1979.234202