Supporting Periodic Authorizations and Temporal Reasoning in Database Access Control.
Elisa Bertino, Claudio Bettini, Elena Ferrari, Pierangela Samarati:
Supporting Periodic Authorizations and Temporal Reasoning in Database Access Control.
VLDB 1996: 472-483@inproceedings{DBLP:conf/vldb/BertinoBFS96,
author = {Elisa Bertino and
Claudio Bettini and
Elena Ferrari and
Pierangela Samarati},
editor = {T. M. Vijayaraman and
Alejandro P. Buchmann and
C. Mohan and
Nandlal L. Sarda},
title = {Supporting Periodic Authorizations and Temporal Reasoning in
Database Access Control},
booktitle = {VLDB'96, Proceedings of 22th International Conference on Very
Large Data Bases, September 3-6, 1996, Mumbai (Bombay), India},
publisher = {Morgan Kaufmann},
year = {1996},
isbn = {1-55860-382-4},
pages = {472-483},
ee = {db/conf/vldb/BertinoBFS96.html},
crossref = {DBLP:conf/vldb/96},
bibsource = {DBLP, http://dblp.uni-trier.de}
}
Abstract
Several formal models for database access control have been
proposed. However, little attention has been paid to temporal
issues like authorizations with limited validity or obtained by
deductive reasoning with temporal constraints. We present an access
control model in which authorizations contain periodic temporal
intervals of validity. An authorization is automatically granted in
the time intervals specified by a periodic expression and revoked
when such intervals expire. Deductive temporal rules with
periodicity and order constraints are provided to derive new
authorizations based on the presence or absence of other
authorizations in specific periods of time. We prove the uniqueness
of the set of implicit authorizations derivable at a given instant
from the explicit ones, and we propose an algorithm to compute the
global set of valid authorizations. The resulting model provides a
high degree of flexibility and allows to express several protection
requirements that cannot be expressed in traditional access control
models.
Copyright © 1996 by the VLDB Endowment.
Permission to copy without fee all or part of this material is granted provided that the copies are not made or
distributed for direct commercial advantage, the VLDB
copyright notice and the title of the publication and
its date appear, and notice is given that copying
is by the permission of the Very Large Data Base
Endowment. To copy otherwise, or to republish, requires
a fee and/or special permission from the Endowment.
Online Paper
CDROM Version: Load the CDROM "Volume 1 Issue 5, VLDB '89-'97" and ...
DVD Version: Load ACM SIGMOD Anthology DVD 1" and ...
Printed Edition
T. M. Vijayaraman, Alejandro P. Buchmann, C. Mohan, Nandlal L. Sarda (Eds.):
VLDB'96, Proceedings of 22th International Conference on Very Large Data Bases, September 3-6, 1996, Mumbai (Bombay), India.
Morgan Kaufmann 1996, ISBN 1-55860-382-4
Contents 
Electronic Edition
References
- [1]
- ...
- [2]
- Elisa Bertino, Claudio Bettini, Elena Ferrari, Pierangela Samarati:
A Temporal Access Control Mechanism for Database Systems.
IEEE Trans. Knowl. Data Eng. 8(1): 67-80(1996)
- [3]
- Michael Gelfond, Vladimir Lifschitz:
The Stable Model Semantics for Logic Programming.
ICLP/SLP 1988: 1070-1080
- [4]
- ...
- [5]
- Peter Z. Revesz:
A Closed-Form Evaluation for Datalog Queries with Integer (Gap)-Order Constraints.
Theor. Comput. Sci. 116(1&2): 117-149(1993)
- [6]
- Jennifer G. Steiner, B. Clifford Neuman, Jeffrey I. Schiller:
Kerberos: An Authentication Service for Open Network Systems.
USENIX Winter 1988: 191-202
- [7]
- David Toman, Jan Chomicki, David S. Rogers:
Datalog with Integer Periodicity Constraints.
SLP 1994: 189-203
- [8]
- Allen Van Gelder, Kenneth A. Ross, John S. Schlipf:
The Well-Founded Semantics for General Logic Programs.
J. ACM 38(3): 620-650(1991)
- [9]
- ...
Copyright © Tue Mar 16 02:22:06 2010
by Michael Ley (ley@uni-trier.de)
