Please use this identifier to cite or link to this item:
Title: Role-based access control mechanisms: distributed, statically implemented and driven by CRUD expressions
Author: Pereira, Óscar Mortágua
Regateiro, Diogo
Aguiar, Rui L.
Keywords: RBAC
Access control
Information security
Software architecture
Distributed systems
Issue Date: 23-Jun-2014
Publisher: IEEE
Abstract: Most of the security threats in relational database applications have their source in client-side systems when they issue requests formalized by Create, Read, Update and Delete (CRUD) expressions. If tools such as ODBC and JDBC are used to develop business logics, then there is another source of threats. In some situations the content of data sets retrieved by Select expressions can be modified and then committed into the host databases. These tools are agnostic regarding not only database schemas but also regarding the established access control policies. This situation can hardly be mastered by programmers of business logics in database applications with many and complex access control policies. To overcome this gap, we extend the basic Role-Based Access policy to support and supervise the two sources of security threats. This extension is then used to design the correspondent RBAC model. Finally, we present a software architectural model from which static RBAC mechanisms are automatically built, this way relieving programmers from mastering any schema. We demonstrate empirical evidence of the effectiveness of our proposal from a use case based on Java and JDBC.
Peer review: yes
DOI: 10.1109/ISCC.2014.6912546
ISSN: 1530-1346
Appears in Collections:DETI - Comunicações

Formato BibTex MendeleyEndnote Degois 

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.