A model of authorization for object-oriented and semantic databases

  • Fausto Rabitti
  • Darrell Woelk
  • Won Kim
Database Administration
Part of the Lecture Notes in Computer Science book series (LNCS, volume 303)

Abstract

This paper presents a formal model of authorization for use as the basis for an authorization mechanism in ORION, a prototype database system which directly supports the object-oriented paradigm and a number of semantic data modeling concepts. The model extends in two significant ways the existing models of authorization, which have been designed for database systems supporting the relational, network, or hierarchical models of data. First, it fully develops the concept of implicit authorization, introduced in an earlier paper [FERN75b], to help solve the storage requirement of representing all authorizations in a system by allowing the system to deduce authorizations from explicitly stored authorizations, and to provide a basis for detecting authorization definitions which conflict with existing authorizations. Second, it provides a formal basis for accommodating a number of modeling concepts which the existing models of authorization cannot address: the IS-PART-OF relationship between an object and its containing object, and versions of an object.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [BANE87]
    Banerjee, J., H. T. Chou, J. Garza, W. Kim, D. Woelk, N. Ballou, and H. J. Kim. “Data Model Issues for Object-Oriented Applications,” ACM Trans. on Office Information Systems, April 1987.Google Scholar
  2. [BOBR83]
    Bobrow, D.G., and M. Stefik. The LOOPS Manual, Xerox PARC, Palo Alto, CA., 1983.Google Scholar
  3. [BOBR85]
    Bobrow, D.G. et al. CommonLoops: Merging Common Lisp and Object-Oriented Programming, Intelligent Systems Laboratory Series ISL-85-8, Xerox PARC, Palo Alto, CA., 1985.Google Scholar
  4. [CHOU86]
    Chou, H.T. and W. Kim, “A Framework for Versions in a CAD Environment,” Proc. 12th Int. Conf. on Very Large Data Bases, August 1986, Kyoto, Japan.Google Scholar
  5. [DATE84]
    Date, C. J. “A Guide to DB2,” Addison-Wesley (1985).Google Scholar
  6. [FERN75a]
    Fernandez, E. B., R. C. Summers, C. D. Coleman, “An Authorization Model for a Shared Database,” Proc. 1975 ACM-SIGMOD Int. Conference, ACM, New York (1975).Google Scholar
  7. [FERN75b]
    Fernandez, E. B., R. C. Summers, T. Lang. “Definition and Evaluation of Access Rules in Data Management Systems,” Proc. 1st Int. Conf. on Very Large Data Bases, Boston (1975).Google Scholar
  8. [FERN81]
    Fernandez, E. B., R. C. Summers, C. Wood, “Database Security and Integrity,” Addison-Wesley (1981).Google Scholar
  9. [GOLD81]
    Goldberg, A. “Introducing the Smalltalk-80 System,” Byte, vol. 6, no. 8, August 1981, pp. 14–26.Google Scholar
  10. [GOLD83]
    Goldberg, A. and D. Robson. Smalltalk-80: The Language and its Implementation, Addison-Wesley, Reading, MA 1983.Google Scholar
  11. [GRAH72]
    Graham, G.S. and P.J. Denning, “Protection: Principles and Practice,” AFIPS Conf. Proc. 40, 1972 SJCC, pages 417–429, AFIPS Press, Montvale, N.J., 1972.Google Scholar
  12. [GRIF76]
    Griffiths, P.P. and B.W. Wade, “An Authorization Mechanism for a Relational Database System,” ACM Transactions on Database Systems, Volume 1, Number 3, September 1976), pages 242–255.Google Scholar
  13. [KIM87]
    Kim, W., et al. “Composite Object Support in an Object-Oriented Database System,” in Proc. Object-Oriented Programming Systems, Languages, and Applications, October 1987, Orlando, Florida.Google Scholar
  14. [LAMP71]
    Lampson, B.W. “Protection,” Proc. of the 5th Annual Princeton Conf. on Information Sciences and Systems, (1971).Google Scholar
  15. [STEF86]
    Stefik, M., and D.G. Bobrow, “Object-Oriented Programming: Themes and Variations,” The Al Magazine, January 1986, pp. 40–62.Google Scholar

Copyright information

© Springer-Verlag 1988

Authors and Affiliations

  • Fausto Rabitti
    • 1
  • Darrell Woelk
    • 1
  • Won Kim
    • 1
  1. 1.Microelectronics and Computer Technology CorporationAustin

Personalised recommendations