Please use this identifier to cite or link to this item:
Title: Distributed and typed role-based access control mechanisms driven by CRUD expressions
Author: Pereira, Óscar Mortágua
Regateiro, Diogo
Aguiar, Rui L.
Keywords: RBAC
Access control
Information security
Software architecture
Distributed systems
Relational databases
Issue Date: 30-Oct-2014
Publisher: ORB - Academic Publisher
Abstract: Business logics of relational databases applications are an important source of security violations, namely in respect to access control. The situation is particularly critical when access control policies are many and complex. In these cases, programmers of business logics can hardly master the established access control policies. Now we consider situations where business logics are built with tools such as JDBC and ODBC. These tools convey two sources of security threats: 1) the use of unauthorized Create, Read, Update and Delete (CRUD) expressions and also 2) the modification of data previously retrieved by Select statements. To overcome this security gap when Role-based access control policies are used, we propose an extension to the basic model in order to control the two sources of security threats. Finally, we present a software architectural model from which distributed and typed RBAC mechanisms are automatically built, this way relieving programmers from mastering any security schema. We demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.
Peer review: yes
ISSN: 2336-0984
Publisher Version:
Appears in Collections:DETI - Artigos

Formato BibTex MendeleyEndnote Degois 

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.