A cryptographic mechanism for object-instance-based authorization in object-oriented database systems

  • Ahmad Baraani-Dastjerdi
  • Reihaneh Safavi-Naini
  • Josef Pieprzyk
  • Janusz R. Getta
Object Design and Modeling
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1021)


In this paper, a mechanism for access control at the instance level of a class in object-oriented databases is suggested. The approach is based on the use of pseudo-random functions and sibling intractable functions. Each object-instance in the object-oriented model is associated with access keys that ensure secure access to the object and all related objects. The security of the system depends on the difficulty of predicting the output of pseudo-random functions and of finding extra collisions for the sibling intractable function family. The authorization system supports ownership and granting/revoking of access rights.


Data Security, Database Security, Authorization System, Access Control, DAC, Object-Oriented Databases, Cryptography





Copyright information

© Springer-Verlag Berlin Heidelberg 1995

Authors and Affiliations

  • Ahmad Baraani-Dastjerdi (1)
  • Reihaneh Safavi-Naini (1)
  • Josef Pieprzyk (1)
  • Janusz R. Getta (1)

  1. Department of Computer Science, University of Wollongong, Wollongong, Australia
