Abstract
In this paper, we propose an authorization model for distributed databases. Multiple object granularity of authorizations, such as global relations, fragments and attributes, are supported. Administrative privilege can be delegated from one subject to another to provide decentralized authorization administration. Authorization propagations along both the relation fragmentation tree and the subject group-subgroup hierarchical tree are also considered. Further more, conflict resolution policy is provided that supports well controlled delegations and exceptions. Overall the system provides a very flexible framework for specifying and evaluating the authorizations in distributed database systems.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bell, D., Grimson, J.: Distributed Database Systems. Addison-Wesley Publishing Company, Reading (1992)
Bertino, E., Samarati, P., Jajodia, S.: An extended authorization model for relational databases. IEEE Transaction on Knowledge and Data Engineering 9(1) (1997)
Bertino, E., Jajodia, S., Samarati, P.: Supporting multiple access control policies in database systems. In: Proc. of the IEEE Symposium on Research in Security and Privacy, Oakland(CA) (1996)
Griffiths, P.P., Wade, B.W.: An authorization mechanism for a relational database system. ACM Trans. on Database Systems 1(3), 242–255 (1976)
Jajodia, S., Samarati, P., Subrahmanian, V.S., Bertino, B.: A unified framework for enforcing multiple access control policies. In: Proceedings of ACM SIGMOD Conference on Management of Data (1997)
Ruan, C., Varadharajan, V.: Resolving conflicts in authorization delegations, 2002. In: Proceedings of the 7th Australasian Conference on Information Security and Privacy, pp. 271–285 (2002)
Wilms, P.F., Linsday, B.G.: A database authorization mechanism supporting individual and group authorization. In: Distributed Data Sharing Systems, pp. 273–292 (1982)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ruan, C., Varadharajan, V. (2005). Data Protection in Distributed Database Systems. In: Hacid, MS., Murray, N.V., RaÅ›, Z.W., Tsumoto, S. (eds) Foundations of Intelligent Systems. ISMIS 2005. Lecture Notes in Computer Science(), vol 3488. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11425274_20
Download citation
DOI: https://doi.org/10.1007/11425274_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25878-0
Online ISBN: 978-3-540-31949-8
eBook Packages: Computer ScienceComputer Science (R0)