Encyclopedia of Database Systems

2018 Edition
| Editors: Ling Liu, M. Tamer Özsu

Access Control Administration Policies

  • Elena FerrariEmail author
Reference work entry
DOI: https://doi.org/10.1007/978-1-4614-8265-9_332


Authorization administration policies; Authorization administration privileges


Administration policies regulate who can modify the authorization state, that is, who has the right to grant and revoke authorizations.

Historical Background

Authorization management is a an important issue when dealing with access control and, as such, research on this topic is strongly related to the developments in access control. A milestone in the field is represented by the research carried out in the 1970s at IBM in the framework of the System R project. In particular, the work by Griffiths and Wade [9] defines a semantics for authorization revocation, which had greatly influenced the way in which authorization revocation has been implemented in commercial Relational DBMSs. Administrative policies for Object-oriented DBMSs have been studied in [8]. Later on, some extensions to the System R access control administration model, have been defined [3], with the aim of making it more...

This is a preview of subscription content, log in to check access.

Recommended Reading

  1. 1.
    Atluri V, Bertino E, Ferrari E, Mazzoleni P. Supporting delegation in secure workflow management systems. In: Proceedings of the 17th IFIP WG 11.3 Conference on Data and Application Security; 2003. p. 190–202.CrossRefGoogle Scholar
  2. 2.
    Bertino E, Bettini C, Ferrari E, Samarati P. Decentralized administration for a temporal access control model. Inf Syst. 1997;22(4):223–48.CrossRefGoogle Scholar
  3. 3.
    Bertino E, Ferrari E. Administration policies in a multipolicy authorization system. In: Proceedings of the 11th IFIP WG 11.3 Conference on Database Security; 1997. p. 341–55.CrossRefGoogle Scholar
  4. 4.
    Bertino E, Samarati P, Jajodia S. An extended authorization model. IEEE Trans Knowl Data Eng. 1997;9(1):85–101.CrossRefGoogle Scholar
  5. 5.
    Bertino E, Jajodia S, Samarati P. A flexible authorization mechanism for relational data management systems. ACM Trans Inf Syst. 1999;17(2):101–40.CrossRefGoogle Scholar
  6. 6.
    Crampton J, Loizou G. Administrative scope: a foundation for role-based administrative models. ACM Trans Inf Syst Secur. 2003;6(2):201–31.CrossRefGoogle Scholar
  7. 7.
    Database languages – SQL,ISO/IEC 9075–*; 2003.Google Scholar
  8. 8.
    Fernandez EB, Gudes E, Song H. A model for evaluation and administration of security in object-oriented databases. IEEE Trans Knowl Data Eng. 1994;6(2):275–92.CrossRefGoogle Scholar
  9. 9.
    Griffiths PP, Wade BW. An authorization mechanism for a relational database system. ACM Trans Database Syst. 1976;1(3):242–55.CrossRefGoogle Scholar
  10. 10.
    Oh S, Sandhu RS, Zhang X. An effective role administration model using organization structure. ACM Trans Inf Syst Secur. 2006;9(2):113–37.CrossRefGoogle Scholar
  11. 11.
    Sandhu RS, Bhamidipati V, Munawer Q. The ARBAC97 model for role-based administration of roles. ACM Trans Inf Syst Secur. 1999;2(1):105–35.CrossRefGoogle Scholar
  12. 12.
    Seitz L, Rissanen E, Sandholm T, Sadighi Firozabadi B, Mulmo O. Policy administration control and delegation using XACML and delegent. In: Proceedings of the 6th IEEE/ACM International Workshop on Grid Computing; 2005. p. 49–54.Google Scholar
  13. 13.
    Zhang L, Ahn G, Chu B. A rule-based framework for role-based delegation and revocation. ACM Trans Inf Syst Secur. 2003;6(3):404–41.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.DiSTAUniversity of InsubriaVareseItaly

Section editors and affiliations

  • Elena Ferrari
    • 1
  1. 1.DiSTAUniv. of InsubriaVareseItaly