Abstract
Security is an important topic for Object-oriented databases (OODB). Discretionary authorization models do not provide the high assurance provided by Mandatory models, the latter ones, however, are too rigid for commercial applications. Therefore discretionary, information-flow control models are needed, especially when transactions containing general methods invocations are considered.
This paper first reviews existing security models for object-oriented databases with and without information-flow control. Previous models relied on the run-time checks of every message transferred in the system. This paper uses a simple transaction model and a compile-time approach and presents algorithms for flow control which are applied at Rule-administration and Compile times, thus saving considerable run-time overhead. A proof for correctness is given, and the performance implications are discussed.
Chapter PDF
References
Bertino, E., Bettini, C., Ferrari, E., Samarati, P., “A Temporal Access Control Mechanism for Database systems,” IEEE Trans. on Knowledge and Data Engineering, Vol 8, No. 1, pp. 67–80.
Castano, S., M. Fugini, G. Martella, P. Samarati, Database Security, Addison-Wesley, 1995.
D.E.Denning Cryptography and Data Security,Addison-Wesley, 1983.
E.B.Fernandez, E.Gudes, H.Song “A Model for Evaluation and Administration of Security in Object-Oriented Databases.”,IEEE Trans. on Knowledge and Data Engineering, Vol.6. No.2., April 1994, pp. 275–292.
N.Gal-Oz, E.Gudes and E.B.Fernandez “A Model of Methods Access Authorization in Object-Oriented Databases.”,Proc. of the 19th VLDB Conference,Dublin,Ireland,1993.
Gendler, M. “A Model for secur Information-flow in Object-oriented databases,” MSc Thesis, Ben-Gurion University, 1997.
Griffith, P., Wade B., “An Authorization Mechanism for a Relational Database System,” ACM Trans. on Database Systems, Vol 1, No. 3, September, 1976.
Gudes E., Gendler, M. “Compile-time Flow analysis of Transactions and Methods in Object-Oriented Databases,” submitted.
Kemper A., G. Moerkotte, Object-oriented Database Management, Prentice-Hall, 1994.
Kim W., Introduction to Object-Oriented Databases,The MIT Press, 1990.
Larrondo-Petrie M., Gudes E., Song, H., Fernandez E B., “Security Policicies in object-oriented databases,” Database Security IV: Status and Prospectus, D. L. Spooner C. E. Landwehr ( Ed. ), Elsevier Science Publishers, 1990, pp. 257–268
Samarati P., E.Bertino, A.Ciampichetti and S.Jajodia “Information Flow Control in Object-Oriented Systems,” to appear in IEEE Trans. on Knowledge and Data Engineering, 1996.
Stonebraker, M., Wong, E., Kreps, P., Held, G., “The Design and Implementation of Ingres”, ACM Trans. on Database Systems, Vol 1, No. 3, September, 1976.
F.Yellin “Low Level Security in Java”, Unpublished Report, Sun corp, 1996.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1997 Springer Science+Business Media Dordrecht
About this chapter
Cite this chapter
Gendler-Fishman, M., Gudes, E. (1997). A Compile-time Model for safe Information Flow in Object-Oriented Databases. In: Yngström, L., Carlsen, J. (eds) Information Security in Research and Business. IFIP — The International Federation for Information Processing. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35259-6_4
Download citation
DOI: https://doi.org/10.1007/978-0-387-35259-6_4
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5481-0
Online ISBN: 978-0-387-35259-6
eBook Packages: Springer Book Archive