Roles in SQL
Synonyms
Related Concepts
Definition
Databases have many users viewing and accessing data, which makes security a major concern. SQL roles, which grant and deny permissions to groups of users, control access to data so that users can view or modify only the data they are authorized to access. More precisely, a role defines what a user can and cannot do within a database, and multiple users can share the same role.
Background
Roles are part of a tiered security model: they can be used to manage login security (connections to the server), database security (appropriate access to a database), and appropriate access to individual database objects and data. When a user logs in to the server with a password, user accounts determine access to the stored databases. After gaining access to a database, the user is restricted to the data he or she can view and modify. The main benefit of...
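An added example (not from the original entry) of the three tiers described above, showing two users sharing a role and an object-level DENY overriding a schema-level GRANT. It is written in T-SQL for SQL Server, an assumed dialect chosen because the entry's "grant and deny" matches its GRANT and DENY statements; the database, table, login, user and role names and the passwords are constructed.

```sql
-- T-SQL (SQL Server); GO is the sqlcmd/SSMS batch separator.
-- All names and passwords below are constructed for illustration.
CREATE DATABASE RolesDemo;
GO
-- Tier 1, server: a login decides who may connect at all.
CREATE LOGIN alice_login WITH PASSWORD = 'Constructed-Sample-Pw-1!';
CREATE LOGIN bob_login   WITH PASSWORD = 'Constructed-Sample-Pw-2!';
GO
USE RolesDemo;
GO
CREATE TABLE dbo.orders         (id INT PRIMARY KEY, total DECIMAL(10,2));
CREATE TABLE dbo.customer_cards (id INT PRIMARY KEY, pan CHAR(16));

-- Tier 2, database: a user account maps each login into this database.
CREATE USER alice FOR LOGIN alice_login;
CREATE USER bob   FOR LOGIN bob_login;

-- Tier 3, objects: in this example permissions attach only to roles.
CREATE ROLE order_readers;
CREATE ROLE order_editors;
GRANT SELECT ON SCHEMA::dbo TO order_readers;
GRANT INSERT, UPDATE ON OBJECT::dbo.orders TO order_editors;
-- DENY takes precedence over the schema-wide GRANT above.
DENY SELECT ON OBJECT::dbo.customer_cards TO order_readers;

-- Several users share one role; one user may hold several roles.
ALTER ROLE order_readers ADD MEMBER alice;
ALTER ROLE order_readers ADD MEMBER bob;
ALTER ROLE order_editors ADD MEMBER bob;
GO
-- Report effective permissions as each user (1 = allowed, 0 = not).
EXECUTE AS USER = 'alice';
SELECT USER_NAME() AS db_user,
       HAS_PERMS_BY_NAME('dbo.orders', 'OBJECT', 'SELECT') AS read_orders,
       HAS_PERMS_BY_NAME('dbo.orders', 'OBJECT', 'UPDATE') AS edit_orders,
       HAS_PERMS_BY_NAME('dbo.customer_cards', 'OBJECT', 'SELECT') AS read_cards;
REVERT;
EXECUTE AS USER = 'bob';
SELECT USER_NAME() AS db_user,
       HAS_PERMS_BY_NAME('dbo.orders', 'OBJECT', 'SELECT') AS read_orders,
       HAS_PERMS_BY_NAME('dbo.orders', 'OBJECT', 'UPDATE') AS edit_orders,
       HAS_PERMS_BY_NAME('dbo.customer_cards', 'OBJECT', 'SELECT') AS read_cards;
REVERT;
```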