Controlling Data Base Access

  • Jay-Louise Weldon
Part of the Applications of Modern Technology in Business book series (AMTB)


Data base security can be defined as the protection of the data base from unauthorized access and/or modification.(1) This protection is not completely provided by procedures that ensure data base integrity since security violations do not necessarily compromise data base integrity. For example, the dba may wish to restrict the operation of retrieving a record from the Employee data base to individuals who hold managerial positions. If an individual who is not a manager does manage to retrieve an Employee record, this act is a security violation but does not impair the integrity of the data base. Thus a comprehensive plan for data base security must include but also go beyond integrity measures.


Data Base Security Feature Authentication Procedure Authorization Policy Data Base System 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Browne, Peter S., Computer security: A survey, Data Base (Association for Computing Machinery SIGBDP Newsletter) 4(3), p. 112, Fall 1972.Google Scholar
  2. 2.
    Protecting valuable data, part 1, EDP Analyzer 11(12), December 1973.Google Scholar
  3. 3.
    Protecting valuable data, part 2, EDP Analyzer 12(1), January 1974.Google Scholar
  4. 4.
    David, Heather M., Computers, privacy, and security, Computer Decisions, pp. 46-48, May 1974.Google Scholar
  5. 5.
    Saltzer, Jerome H., Protection and control of information sharing in Multics, Communications of the ACM 17(7), pp. 388–402, July 1974.CrossRefGoogle Scholar
  6. 6.
    Griffiths, P. P., and B. W. Wade, An authorization mechanism for a relational data base system, ACM Transactions on Database Systems 1(3), pp. 242–255, September 1976.CrossRefGoogle Scholar
  7. 7.
    Fagin, Ronald, On an authorization mechanism, A CM Transactions on Database Systems 3(3), pp. 310–319, September 1978.MathSciNetCrossRefGoogle Scholar
  8. 8.
    Stonebraker, M., and P. Rubenstein, The Ingres protection system, Proceedings of the Association for Computing Machinery Conference, pp. 81–84, Association for Computing Machinery, New York, October 1976.Google Scholar
  9. 9.
    Kam, J. B., and J. D. Ullman, A model of statistical databases and their security, ACM Transactions on Database Systems 2(1), pp. 1–10, Association for Computing Machinery, New York, March 1977.Google Scholar
  10. 10.
    Yu, C. T., and F. Y. Chin, A study on the protection of statistical data bases, Proceedings of the Association for Computing Machinery S/GMOD Conference, pp. 169-181, 1977.Google Scholar
  11. 11.
    Chin, F. Y., Security in statistical databases for queries with small counts, ACM Transactions on Database Systems 3(1), pp. 92–104, March 1978.MathSciNetCrossRefGoogle Scholar
  12. 12.
    Data encryption: Is is for you? EDP Analyzer 16(12), December 1978.Google Scholar
  13. 13.
    Bayer, R., and J. K. Metzger, On the encipherment of search trees and random access files, A CM Transactions on Database Systems 1(1), pp. 37-52, March 1976.Google Scholar
  14. 14.
    National Bureau of Standards, Data Encryption Standard, Federal Information Processing Standards Publication 46, Washington, D.C., January 1977.Google Scholar
  15. 15.
    Merkle, Ralph C., Secure communications over insecure channels, Communications of the ACM 21(4), pp. 294–299, April 1978.CrossRefGoogle Scholar
  16. 16.
    Needham, R. M., and M. D. Schroeder, Using encryption for authentication in large networks of computers, Communications of the ACM 21(12), pp. 993–999, December 1978.Google Scholar
  17. 17.
    Burns, Kevin J., Keys to DBMS security, Computer Decisions, pp. 56-62, January 1976.Google Scholar
  18. 18.
    Date, C. J., An Introduction to Database Systems, second edition, Addison Wesley, Reading, Mass., 1977.MATHGoogle Scholar
  19. 19.
    CincomSystems, Inc., os/total Application Programmer’s Guide, Publication no. P02-1236-00, Cincinnati, Ohio, 1976.Google Scholar
  20. 20.
    DPMA, A Briefing on the Impact of Privacy Legislation, Data Processing Management Association (505 Busse Highway, Park Ridge, 111. 60068), 1975.Google Scholar
  21. 21.
    Westin, A. F., and M. A. Baker, Databanks in a Free Society: Computers, Record-Keeping and Privacy, Quadrangle Books, New York, 1972.Google Scholar
  22. 22.
    Linowes, David F., et al., Technology and Privacy, Appendix 5 to the Report of the Privacy Protection Study Commission, Stock No. 052-003-00425-9, U.S. Government Printing Office, Washington, D.C., 20402, July 1977.Google Scholar
  23. 23.
    Fong, Elizabeth, A Data Base Management Approach to Privacy Act Compliance, NBS Report on Computer Science and Technology, NBS Special Publication No. 500-10, U.S. Dept. of Commerce, June 1977.Google Scholar

Copyright information

© Plenum Press, New York 1981

Authors and Affiliations

  • Jay-Louise Weldon
    • 1
  1. 1.Graduate School of Business AdministrationNew York UniversityNew YorkUSA

Personalised recommendations