Flexible Security Policies in SQL

نویسندگان

Steve Barker

Arnon Rosenthal

چکیده

We show how a wide variety of role-based access control policies may be formally specified in the stratified subset of clause form logic. We then show how these formal specifications may be automatically translated into a small subset of SQL to be used to seamlessly protect a relational database from unauthorized read and update requests made by authenticated users. We demonstrate the power of our approach by showing how a variety of access control policies

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Abstracting and Refining Authorization in SQL

ing and Refining Authorization in SQL Arnon Rosenthal, Edward Sciore1 Abstract. The SQL standard specifies authorization via a large set of rather opaque rules, which are difficult to understand and dangerous to change. To make the model easier to work with, we formalize the implicit principles behind The SQL standard specifies authorization via a large set of rather opaque rules, which are dif...

متن کامل

SIF: Enforcing Confidentiality and Integrity in Web Applications

SIF (Servlet Information Flow) is a novel software framework for building high-assurance web applications, using language-based information-flow control to enforce security. Explicit, end-to-end confidentiality and integrity policies can be given either as compile-time program annotations, or as run-time user requirements. Compile-time and run-time checking efficiently enforce these policies. I...

متن کامل

GuardRails: A Data-Centric Web Application Security Framework

Web frameworks significantly facilitate the creation of Web applications. However, they do little to facilitate the development of applications that are secure by design. In reality, lots of applications suffer from known, persistent types of vulnerabilities. Popular examples are cross-site scripting, SQL injection, and data disclosure vulnerabilities. For Rails Web applications, the root cause...

متن کامل

A semantic-aware role-based access control model for pervasive computing environments

Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...

متن کامل

Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications

We present a system for sound static checking of security policies for database-backed Web applications. Our tool checks a combination of access control and information flow policies, where the policies vary based on database contents. For instance, one or more database tables may represent an access control matrix, controlling who may read or write which cells of these and other tables. Using ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}

با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره شماره

صفحات -

تاریخ انتشار 2001

Flexible Security Policies in SQL

نویسندگان

چکیده

منابع مشابه

Abstracting and Refining Authorization in SQL

SIF: Enforcing Confidentiality and Integrity in Web Applications

GuardRails: A Data-Centric Web Application Security Framework

A semantic-aware role-based access control model for pervasive computing environments

Static Checking of Dynamically-Varying Security Policies in Database-Backed Applications

عنوان ژورنال:

اشتراک گذاری