Advertisement

A Discretionary Security Model for Object-oriented Environments

  • Wilna Jansen van Rensburg
  • Martin S. Olivier
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT)

Abstract

This paper describes a discretionary security model, DISMOO. The model is designed for object-oriented environments. The model itself is therefore based on object-oriented concepts. The purpose of DISMOO is to provide a security model that provides a fine grain of protection, as well as a more advanced, enhanced and flexible discretionary security model. The security model is driven by capabilities, which is an adaptation of the traditional capability concept, used in access control mechanisms. The capability in DISMOO has much more flexibility and functionality. The model will enable all users of the system to protect their entities according to their own discretion.

Keywords

Security models discretionary security object-orientation 

References

  1. Bertin, E and Martino, L (1991) Object-oriented Database Management Systems: Concepts and Issues, Computer, 33–41.Google Scholar
  2. Dittrich, KR, Hartig, M and Pfefferle, H (1989) Discretionary Access Control in Structurally Object-oriented Database Systems, pp 105–122 in Database Security II: Status and Prospects, (ed CE Landwehr), Elsevier, Amsterdam.Google Scholar
  3. Jansen van Rensburg, PW (1995) Diskresionre Sekerheid in Objek Georiënteerde Omgewings, MSc-verhandeling, Randse Afrikaanse Universiteit, Johannesburg.Google Scholar
  4. Kim, W (ed) (1995) Modern Database Systems: The Object Model, Interoperability and Beyond, ACM, New York.zbMATHGoogle Scholar
  5. Longley, D, Shain, M and Caelli, W (1987) Data and Computer Security: Dictionary of Standards, Concepts and Terms, Stockton Press, 1987, New York.Google Scholar
  6. Olivier, MS and Von Solms, SH (1994) A Taxonomy for Secure Object-oriented Databases, ACM Transactions on Database Systems, 19, 1, 3–46.CrossRefGoogle Scholar
  7. Rabitti, F, Bertino, E, Kim, W and Woelk, D (1991) A Model of Authorization for Next- Generation Database Systems, ACM Transactions on Database Systems, 16, 1, 88–131.CrossRefGoogle Scholar
  8. Ting, TC, Demurjian, SA and Hu, M-Y (1992) Requirements, Capabilities and Functionalities of User-role Based Security for an Object-oriented Design Model, pp 275–296 in Database Security V: Status and Prospects, (eds CE Landwehr and S Jajodia), Elsevier, Amsterdam.Google Scholar

Copyright information

© IFIP International Federation for Information Processing 1996

Authors and Affiliations

  • Wilna Jansen van Rensburg
    • 1
  • Martin S. Olivier
    • 1
  1. 1.Department of Computer ScienceRand Afrikaans UniversityJohannesburgSouth Africa

Personalised recommendations