Please wait a minute...
FITEE
Front. Inform. Technol. Electron. Eng.  2010, Vol. 11 Issue (8): 575-586    DOI: 10.1631/jzus.C0910466
    
A fine-grained access control model for relational databases
Jie Shi, Hong Zhu*
College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China
A fine-grained access control model for relational databases
Jie Shi, Hong Zhu*
College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, China
 全文: PDF 
摘要: Fine-grained access control (FGAC) must be supported by relational databases to satisfy the requirements of privacy preserving and Internet-based applications. Though much work on FGAC models has been conducted, there are still a number of ongoing problems. We propose a new FGAC model which supports the specification of open access control policies as well as closed access control policies in relational databases. The negative authorization is supported, which allows the security administrator to specify what data should not be accessed by certain users. Moreover, multiple policies defined to regulate user access together are also supported. The definition and combination algorithm of multiple policies are thus provided. Finally, we implement the proposed FGAC model as a component of the database management system (DBMS) and evaluate its performance. The performance results show that the proposed model is feasible.
关键词: Fine-grained access controlDatabase securityProhibitionMultiple policies    
Abstract: Fine-grained access control (FGAC) must be supported by relational databases to satisfy the requirements of privacy preserving and Internet-based applications. Though much work on FGAC models has been conducted, there are still a number of ongoing problems. We propose a new FGAC model which supports the specification of open access control policies as well as closed access control policies in relational databases. The negative authorization is supported, which allows the security administrator to specify what data should not be accessed by certain users. Moreover, multiple policies defined to regulate user access together are also supported. The definition and combination algorithm of multiple policies are thus provided. Finally, we implement the proposed FGAC model as a component of the database management system (DBMS) and evaluate its performance. The performance results show that the proposed model is feasible.
Key words: Fine-grained access control    Database security    Prohibition    Multiple policies
收稿日期: 2009-07-29 出版日期: 2010-08-02
CLC:  TP309  
基金资助: Project (No. 2006AA01Z430) supported by the National High-Tech Research and Development Program (863) of China
通讯作者: Hong ZHU     E-mail: whzhuhong@gmail.com
服务  
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章  
Jie Shi
Hong Zhu

引用本文:

Jie Shi, Hong Zhu. A fine-grained access control model for relational databases. Front. Inform. Technol. Electron. Eng., 2010, 11(8): 575-586.

链接本文:

http://www.zjujournals.com/xueshu/fitee/CN/10.1631/jzus.C0910466        http://www.zjujournals.com/xueshu/fitee/CN/Y2010/V11/I8/575

[1] Ehsan Saeedi, Yinan Kong, Md. Selim Hossain. 边信道攻击和学习向量量化[J]. Frontiers of Information Technology & Electronic Engineering, 2017, 18(4): 511-518.
[2] Yu-jun Xiao, Wen-yuan Xu, Zhen-hua Jia, Zhuo-ran Ma, Dong-lian Qi. 一种非侵入式的基于功耗的可编程逻辑控制器异常检测方案[J]. Frontiers of Information Technology & Electronic Engineering, 2017, 18(4): 519-534.
[3] Gaurav Bansod, Narayan Pisharoty, Abhijit Patil. BORON:面向普适计算的超轻量低功耗加密设计[J]. Frontiers of Information Technology & Electronic Engineering, 2017, 18(3): 332-345.
[4] Feng-he Wang, Chun-xiao Wang, Zhen-hua Liu. 标准模型下基于高效分级身份的格上加密方案[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(8): 781-791.
[5] Jia Xie, Yu-pu Hu, Jun-tao Gao, Wen Gao. NTRU格上基于身份签名的高效方案[J]. Front. Inform. Technol. Electron. Eng., 2016, 17(2): 135-142.
[6] Kok-Seng Wong, Myung Ho Kim. 面向优选应答的k-匿名模型[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(9): 720-731.
[7] Kuo-Hui Yeh. 一套具备使用者不可追踪性的轻量化身分鉴别机制[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(4): 259-271.
[8] Osama A. Khashan, Abdullah M. Zin, Elankovan A. Sundararajan. ImgFS:一种利用用户空间文件系统的图片存储透明加密技术[J]. Front. Inform. Technol. Electron. Eng., 2015, 16(1): 28-42.
[9] Shuang Tan, Yan Jia. NaEPASC:一种新颖且高效的云数据公开审计机制[J]. Front. Inform. Technol. Electron. Eng., 2014, 15(9): 794-804.
[10] Osama A. Khashan, Abdullah M. Zin, Elankovan A. Sundararajan. 静态视觉图像全加密与选择加密性能比较研究[J]. Front. Inform. Technol. Electron. Eng., 2014, 15(6): 435-444.
[11] Kuo-Hui Yeh, Kuo-Yu Tsai, Jia-Li Hou. Analysis and design of a smart card based authentication protocol[J]. Front. Inform. Technol. Electron. Eng., 2013, 14(12): 909-917.
[12] Yong Cheng, Zhi-ying Wang, Jun Ma, Jiang-jiang Wu, Song-zhu Mei, Jiang-chun Ren. [J]. Frontiers of Information Technology & Electronic Engineering, 2013, 14(2): 85-97.
[13] Hong-yuan Chen, Yue-sheng Zhu. A robust watermarking algorithm based on QR factorization and DCT using quantization index modulation technique[J]. Front. Inform. Technol. Electron. Eng., 2012, 13(8): 573-584.
[14] Baiying Lei, Ing Yann Soon. A multipurpose audio watermarking algorithm with synchronization and encryption[J]. Front. Inform. Technol. Electron. Eng., 2012, 13(1): 11-19.
[15] Zoe Lin Jiang, Jun-bin Fang, Lucas Chi Kwong Hui, Siu Ming Yiu, Kam Pui Chow, Meng-meng Sheng. k-Dimensional hashing scheme for hard disk integrity verification in computer forensics[J]. Front. Inform. Technol. Electron. Eng., 2011, 12(10): 809-818.