Please use this identifier to cite or link to this item:
|Title:||Distributed and typed role-based access control mechanisms driven by CRUD expressions|
|Author:||Pereira, Óscar Mortágua|
Aguiar, Rui L.
|Publisher:||ORB - Academic Publisher|
|Abstract:||Business logics of relational databases applications are an important source of security violations, namely in respect to access control. The situation is particularly critical when access control policies are many and complex. In these cases, programmers of business logics can hardly master the established access control policies. Now we consider situations where business logics are built with tools such as JDBC and ODBC. These tools convey two sources of security threats: 1) the use of unauthorized Create, Read, Update and Delete (CRUD) expressions and also 2) the modification of data previously retrieved by Select statements. To overcome this security gap when Role-based access control policies are used, we propose an extension to the basic model in order to control the two sources of security threats. Finally, we present a software architectural model from which distributed and typed RBAC mechanisms are automatically built, this way relieving programmers from mastering any security schema. We demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.|
|Appears in Collections:||DETI - Artigos|
Files in This Item:
|2014-10-30 (IJCSTA - Journal) Distributed and Typed Role-based Access Control Mechanisms Driven by CRUD Expressions.pdf||Documento principa||1.02 MB||Adobe PDF||View/Open|
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.