ACM SIGMOD Anthology TODS dblp.uni-trier.de

An Authorization Mechanism for a Relational Database System.

Patricia P. Griffiths, Bradford W. Wade: An Authorization Mechanism for a Relational Database System. ACM Trans. Database Syst. 1(3): 242-255(1976)
@article{DBLP:journals/tods/GriffithsW76,
  author    = {Patricia P. Griffiths and
               Bradford W. Wade},
  title     = {An Authorization Mechanism for a Relational Database System},
  journal   = {ACM Trans. Database Syst.},
  volume    = {1},
  number    = {3},
  year      = {1976},
  pages     = {242-255},
  ee        = {http://doi.acm.org/10.1145/320473.320482, db/journals/tods/GriffithsW76.html},
  bibsource = {DBLP, http://dblp.uni-trier.de}
}
BibTeX

Abstract

A multiuser database system must selectively permit users to share data, while retaining the ability to restrict data access. There must be a mechanism to provide protection and security, permitting information to be accessed only by properly authorized users. Further, when tables or restricted views of tables are created and destroyed dynamically, the granting, authentication, and revocation of authorization to use them must also be dynamic. Each of these issues and their solutions in the context of the relational database management system System R are discussed.

When a database user creates a table, he is fully and solely authorized to perform upon it actions such as read, insert, update, and delete. He may explicitly grant to any other user any or all of his privileges on the table. In addition he may specify that that user is authorized to further grant these privileges to still other users. The result is a directed graph of granted privileges originating from the table creator.

At some later time a user A may revoke some or all of the privileges which he previously granted to another user B. This action usually revokes the entire subgraph of the grants originating from A's grant to B. It may be, however, that B will still possess the revoked privileges by means of a grant from another user C, and therefore some or all of B's grants should not be revoked. This problem is discussed in detail, and an algorithm for detecting exactly which of B's grants should be revoked is presented.

Copyright © 1976 by the ACM, Inc., used by permission. Permission to make digital or hard copies is granted provided that copies are not made or distributed for profit or direct commercial advantage, and that copies show this notice on the first page or initial screen of a display along with the full citation.

Joint ACM SIGMOD / IEEE Computer Society Anthology

CDROM Version: Load the CDROM "Volume 3 Issue 1, TODS 1976-1990" and ... DVD Version: Load ACM SIGMOD Anthology DVD 2" and ... BibTeX

Conference Abstract

Patricia P. Griffiths, Bradford W. Wade: An Authorization Mechanism for a Relational Data Base System (Abstract). SIGMOD Conference 1976: 51 BibTeX

References

[1]
Morton M. Astrahan, Mike W. Blasgen, Donald D. Chamberlin, Kapali P. Eswaran, Jim Gray, Patricia P. Griffiths, W. Frank King III, Raymond A. Lorie, Paul R. McJones, James W. Mehl, Gianfranco R. Putzolu, Irving L. Traiger, Bradford W. Wade, Vera Watson: System R: Relational Approach to Database Management. ACM Trans. Database Syst. 1(2): 97-137(1976) BibTeX
[2]
...
[3]
Donald D. Chamberlin, Raymond F. Boyce: SEQUEL: A Structured English Query Language. SIGMOD Workshop, Vol. 1 1974: 249-264 BibTeX
[4]
...
[5]
E. F. Codd: A Relational Model of Data for Large Shared Data Banks. Commun. ACM 13(6): 377-387(1970) BibTeX
[6]
E. F. Codd: A Database Sublanguage Founded on the Relational Calculus. SIGFIDET Workshop 1971: 35-68 BibTeX
[7]
E. F. Codd: Further Normalization of the Data Base Relational Model. IBM Research Report, San Jose, California RJ909: (1971) BibTeX
[8]
E. F. Codd: Relational Completeness of Data Base Sublanguages. In: R. Rustin (ed.): Database Systems: 65-98, Prentice Hall and IBM Research Report RJ 987, San Jose, California : (1972) BibTeX
[9]
E. F. Codd: Recent Investigations in Relational Data Base Systems. IFIP Congress 1974: 1017-1021 BibTeX
[10]
...
[11]
...
[12]
...
[13]
...
[14]
...
[15]
...
[16]
...
[17]
...
[18]
...

Referenced by

  1. Elisa Bertino: Review - An Authorization Mechanism for a Relational Data Base System. ACM SIGMOD Digital Review 1: (1999)
  2. Richard T. Snodgrass: Reminiscences on Influential Papers. SIGMOD Record 27(1): 54-57(1998)
  3. Elisa Bertino, Pierangela Samarati, Sushil Jajodia: An Extended Authorization Model for Relational Databases. IEEE Trans. Knowl. Data Eng. 9(1): 85-101(1997)
  4. Sushil Jajodia, Pierangela Samarati, V. S. Subrahmanian, Elisa Bertino: A Unified Framework for Enforcing Multiple Access Control Policies. SIGMOD Conference 1997: 474-485
  5. Ahmad Baraani-Dastjerdi, Josef Pieprzyk, Reihaneh Safavi-Naini, Janusz R. Getta: A Cryptographic Mechanism for Object-Instance-Based Authorization in Object-Oriented Database Systems. OOER 1995: 44-54
  6. Eduardo B. Fernández, Ehud Gudes, Haiyan Song: A Model for Evaluation and Administration of Security in Object-Oriented Databases. IEEE Trans. Knowl. Data Eng. 6(2): 275-292(1994)
  7. Dirk Jonscher, Klaus R. Dittrich: An Approach for Building Secure Database Federations. VLDB 1994: 24-35
  8. Elisa Bertino: Data Hiding and Security in Object-Oriented Databases. ICDE 1992: 338-347
  9. Rafiul Ahad, James Davis, Stefan Gower, Peter Lyngbæk, Andra Marynowski, Emmanuel Onuegbe: Supporting Access Control in an Object-Oriented Database Language. EDBT 1992: 184-200
  10. Fausto Rabitti, Elisa Bertino, Won Kim, Darrell Woelk: A Model of Authorization for Next-Generation Database Systems. ACM Trans. Database Syst. 16(1): 88-131(1991)
  11. Sushil Jajodia, Ravi S. Sandhu: Towards a Multilevel Secure Relational Data Model. SIGMOD Conference 1991: 50-59
  12. Amit P. Sheth, James A. Larson: Federated Database Systems for Managing Distributed, Heterogeneous, and Autonomous Databases. ACM Comput. Surv. 22(3): 183-236(1990)
  13. I-Min A. Chen, Dennis McLeod: Derived Data Update in Semantic Databases. VLDB 1989: 225-235
  14. Laura M. Haas, Johann Christoph Freytag, Guy M. Lohman, Hamid Pirahesh: Extensible Query Processing in Starburst. SIGMOD Conference 1989: 377-388
  15. Amihai Motro: An Access Authorization Model for Relational Databases Based on Algebraic Manipulation of View Definitions. ICDE 1989: 339-347
  16. Joachim Biskup, Hans Hermann Brüggemann: The Personal Model of Data - Towards a Privacy Oriented Information System (Extended Abstract). ICDE 1989: 348-355
  17. Jeffrey D. Ullman: Principles of Database and Knowledge-Base Systems, Volume II. Computer Science Press 1989, ISBN 0-7167-8162-X
    Contents
  18. Kenneth R. Abbott, Dennis R. McCarthy: Administration and Autonomy in a Replication-Transparent Distributed DBMS. VLDB 1988: 195-205
  19. Fausto Rabitti, Darrell Woelk, Won Kim: A Model of Authorization for Object-Oriented and Semantic Databases. EDBT 1988: 231-250
  20. Elisa Bertino, Laura M. Haas: Views and Security in Distributed Database Management Systems. EDBT 1988: 155-169
  21. Patricia G. Selinger: Chickens and Eggs: The Interrelationship of Systems and Theory. PODS 1987: 250-253
  22. David L. Spooner, Arthur M. Keller, Gio Wiederhold, John Salasin, Deborah Heystek: Framework for the Security Component of an Ada DBMS. VLDB 1986: 347-354
  23. Naftaly H. Minsky, David Rozenshtein, Jan Chomicki: A Controllable Prolog Database System. ICDE 1986: 618-628
  24. Fred J. Friedman, Arthur M. Keller, John Salasin, Gio Wiederhold, Murray R. Berkowitz, David L. Spooner: Reference Model for Ada Interfaces to Database Management Systems. ICDE 1986: 492-506
  25. Matthias Jarke, Jürgen Koch: Query Optimization in Database Systems. ACM Comput. Surv. 16(2): 111-152(1984)
  26. Anthony C. Klug, Rod Price: Determining View Dependencies Using Tableaux. ACM Trans. Database Syst. 7(3): 361-380(1982)
  27. Naftaly H. Minsky: Synergistic Authorization in Database Systems. VLDB 1981: 543-552
  28. Donald D. Chamberlin, A. M. Gilbert, Robert A. Yost: A History of System R and SQL/Data System (Invited Paper). VLDB 1981: 456-464
  29. U. Bussolati, Giancarlo Martella: A Database Approach to Modelling and Managing Security Information. VLDB 1981: 532-542
  30. M. R. Brown, R. G. G. Cattell, N. Suzuki: The Cedar DBMS: A Preliminary Report. SIGMOD Conference 1981: 205-211
  31. Michael Stonebraker: Retrospection on a Database System. ACM Trans. Database Syst. 5(2): 225-240(1980)
  32. Daniel J. Rosenkrantz, Harry B. Hunt III: Processing Conjunctive Predicates and Queries. VLDB 1980: 64-72
  33. Jonathan E. Shopiro: Theseus - A Programming Language for Relational Databases. ACM Trans. Database Syst. 4(4): 493-517(1979)
  34. Gary H. Sockut, Robert P. Goldberg: Database Reorganization - Principles and Practice. ACM Comput. Surv. 11(4): 371-395(1979)
  35. Won Kim: Relational Database Systems. ACM Comput. Surv. 11(3): 187-211(1979)
  36. Christopher Wood, Eduardo B. Fernández: Decentralized Authorization in a Database System. VLDB 1979: 352-359
  37. Rudolf Munz, H.-J. Schneider, Frank Steyer: Application of Sub-Predicate Tests in Database Systems. VLDB 1979: 426-435
  38. Ronald Fagin: On an Authorization Mechanism. ACM Trans. Database Syst. 3(3): 310-319(1978)
  39. David K. Hsiao, Douglas S. Kerr, Stuart E. Madnick: Privacy and Security of Data Communications and Data Bases. VLDB 1978: 55-67
  40. Deborah Downs, Gerald J. Popek: A Kernel Design for a Secure Data Base Management System. VLDB 1977: 507-514
  41. François Bancilhon, Nicolas Spyratos: Protection of Information in Relational Data Bases. VLDB 1977: 494-500
  42. Clement T. Yu, Francis Y. L. Chin: A Study on the Protection of Statistical Data Bases. SIGMOD Conference 1977: 169-181
  43. H. Rex Hartson, David K. Hsiao: A Semantic Model for Data Base Protection Languages. VLDB 1976: 27-42
BibTeX
ACM SIGMOD Anthology - DBLP: [Home | Search: Author, Title | Conferences | Journals]
TODS, ACM SIGMOD Anthology: Copyright © by ACM (info@acm.org), Corrections: anthology@acm.org
DBLP: Copyright © by Michael Ley (ley@uni-trier.de), last change: Tue Jun 24 18:38:35 2008