ACM SIGMOD Anthology TODS dblp.uni-trier.de

On an Authorization Mechanism.

Ronald Fagin: On an Authorization Mechanism. ACM Trans. Database Syst. 3(3): 310-319(1978)
@article{DBLP:journals/tods/Fagin78,
  author    = {Ronald Fagin},
  title     = {On an Authorization Mechanism},
  journal   = {ACM Trans. Database Syst.},
  volume    = {3},
  number    = {3},
  year      = {1978},
  pages     = {310-319},
  ee        = {http://doi.acm.org/10.1145/320263.320288, db/journals/tods/Fagin78.html},
  bibsource = {DBLP, http://dblp.uni-trier.de}
}
BibTeX

Abstract

Griffiths and Wade (ACM Trans. Database Syst. 1, 3, (Sept. 1976), 242-255) have defined a dynamic authorization mechanism that goes beyond the traditional password approach. A database user can grant or revoke privileges (such as to read, insert, or delete) on a file that he has created. Furthermore, he can authorize others to grant these same privileges. The database management system keeps track of a directed graph, emanating from the creator, of granted privileges. The nodes of the graph correspond to users, and the edges (each of which is labeled with a timestamp) correspond to grants. The edges are of two types, corresponding to whether or not the recipient of the grant has been given the option to make further grants of this privilege. Furthermore, for each pair A, B of nodes, there can be no more than one edge of each type from A to B. We modify this approach by allowing graphs in which there can be multiple edges of each type from one node to another. We prove correctness (in a certain strong sense) for our modified authorization mechanism. Further, we show by example that under the original mechanism, the system might forbid some user from exercising or granting a privilege that he "should" be allowed to exercise or grant.

Copyright © 1978 by the ACM, Inc., used by permission. Permission to make digital or hard copies is granted provided that copies are not made or distributed for profit or direct commercial advantage, and that copies show this notice on the first page or initial screen of a display along with the full citation.

Joint ACM SIGMOD / IEEE Computer Society Anthology

CDROM Version: Load the CDROM "Volume 3 Issue 1, TODS 1976-1990" and ... DVD Version: Load ACM SIGMOD Anthology DVD 2" and ... BibTeX

References

[1]
Patricia P. Griffiths, Bradford W. Wade: An Authorization Mechanism for a Relational Database System. ACM Trans. Database Syst. 1(3): 242-255(1976) BibTeX
[2]
Michael A. Harrison, Walter L. Ruzzo, Jeffrey D. Ullman: Protection in Operating Systems. Commun. ACM 19(8): 461-471(1976) BibTeX
[3]
Richard J. Lipton, Lawrence Snyder: A Linear Time Algorithm for Deciding Subject Security. J. ACM 24(3): 455-464(1977) BibTeX
[4]
...
[5]
...

Referenced by

  1. Ivo Majetic, Ernst L. Leiss: Authorization and Revocation in Object-Oriented Databases. IEEE Trans. Knowl. Data Eng. 9(4): 668-672(1997)
  2. Elisa Bertino, Pierangela Samarati, Sushil Jajodia: An Extended Authorization Model for Relational Databases. IEEE Trans. Knowl. Data Eng. 9(1): 85-101(1997)
  3. Sushil Jajodia, Pierangela Samarati, V. S. Subrahmanian, Elisa Bertino: A Unified Framework for Enforcing Multiple Access Control Policies. SIGMOD Conference 1997: 474-485
  4. Dirk Jonscher, Klaus R. Dittrich: An Approach for Building Secure Database Federations. VLDB 1994: 24-35
  5. Amit P. Sheth, James A. Larson: Federated Database Systems for Managing Distributed, Heterogeneous, and Autonomous Databases. ACM Comput. Surv. 22(3): 183-236(1990)
  6. Jeffrey D. Ullman: Principles of Database and Knowledge-Base Systems, Volume II. Computer Science Press 1989, ISBN 0-7167-8162-X
    Contents
  7. Patricia G. Selinger: Chickens and Eggs: The Interrelationship of Systems and Theory. PODS 1987: 250-253
  8. Donald D. Chamberlin, A. M. Gilbert, Robert A. Yost: A History of System R and SQL/Data System (Invited Paper). VLDB 1981: 456-464
  9. Won Kim: Relational Database Systems. ACM Comput. Surv. 11(3): 187-211(1979)
BibTeX
ACM SIGMOD Anthology - DBLP: [Home | Search: Author, Title | Conferences | Journals]
TODS, ACM SIGMOD Anthology: Copyright © by ACM (info@acm.org), Corrections: anthology@acm.org
DBLP: Copyright © by Michael Ley (ley@uni-trier.de), last change: Tue Jun 24 18:38:39 2008