Issue No. 04 - July (1979 vol. 5)
D.K. Hsiao , Department of Computer and Information Science, The Ohio State University
Data items in a database are semantically related. Thus, the access control mechanism of a database system must be concerned with the possibility that access to one item may violate a denied access to another item. This study concentrates on two basic semantic relations for protection requirements. By utilizing a graph-theoretic approach, some of the fundamental properties of the protection relations can be readily identified. These properties can then be used as a basis for understanding more general context dependent protection requirements. Two fundamental properties of the two protection relations are found. The first property addresses the question: given a database with a set of protection relations, is it possible to find a maximal subset of the database such that access to one item of the subset will not lead to any violation of a denied access to another item? The second property addresses the question: given a database with a set of protection relations, is it possible to find a sequence of accesses such that the protection requirement is enforced with no violation?
graph-theoretic approach, Access control, context protection, security
D. Kerr, D. Hsiao and n. Chen-Jen Nee, "Database Access Control in the Presence of Context Dependent Protection Requirements," in IEEE Transactions on Software Engineering, vol. 5, no. , pp. 349-358, 1979.