Abstract
This paper introduces object-oriented access controls (OOAC) as a result of consequently applying the object-oriented paradigm for providing access controls in object and interoperable databases. OOAC includes: (1) subjects, like users, roles etc., are regarded as first-class objects, (2) objects are accessed by sending messages, and (3) access controls deal with controlling the flow of messages among objects. OOAC are not intended to replace legacy access control mechanisms which mainly have been designed and applied in non-object environments. Instead, they provide the basis for applying these concepts in true object-oriented environments. An object authorization language (OAL) is proposed for specifying authorizations in a declarative manner.
Chapter PDF
Similar content being viewed by others
References
Atkinson, M., Bancilhon, F., DeWitt, D., Dittrich, K., Maier, D., Zdonik, S. (1989) The Object-Oriented Database System Manifesto. Proc. 1st Int. Conf. on Deductive and Object-Oriented Databases, Kyoto, Japan.
Atwood, T., Duhl, J., Ferran, G., Loomis, M., and Wade, D. (1993) The Object Database Standard: ODMG-93, Release 1.1. Morgan Kaufmann Publishers, San Francisco, California.
Bertino, E., Kim, W., Rabitti, F. and Woelk, D. (1991) A Model of Authorization for Next-Generation Database Systems. ACM ToDS, Vol. 16 /1.
Bertino, E., Martino, L. (1991) Object-Oriented Database Management Systems: Concepts and Issues. IEEE Computer, April 1991, pp 33–47.
Bertino, E. (1992) Data Hiding and Security in an Object-Oriented Database System. Proc. 8th IEEE Int. Conf. on Data Engineering, Phoenix, Arizona.
Bertino, E., Samarati, P. (1993) Research Issues in Discretionary Authorizations for Object Bases. Workshop in Computing: B Thuraisingham, R. Sandhu, T.C. Ting (Eds.) Security for Object-Oriented Systems, Washington DC.
Brüggemann, H. H., (1991) Rights in an object-oriented environment. Proc. 5th IFIP 11.3 Working Conference on Database Security. Shepherdstown, WV, 1991.
Busse, R., Fankhauser, P., Huck, G., Klas, W. (1994) IRO-DB An object-oriented approach towards federated and interoperable DBMS. Proc. of the International Workshop on Advances in Databases and Information Systems (ADBIS 94), Moscow, Russia, Russian Academy of Sciences.
Busse R., Fankhauser P., Neuhold E.J. (1994a) Federated Schemata in ODMG, Proc. 2nd Int. East/West Database Workshop, Klagenfurt, Austria.
Castano, S., Fugini, M., Martella, G., Samarati, P. (1995) Database Security. Addison-Wesley.
Essmayr, W., Kastner, F., Pernul, G., Preishuber, S., and Tjoa, A M. (1995) Access Controls for Federated Database Environments. Proc. Joint IFIP TC 6 and TC 11 Working Conf. on Communications and Multimedia Security, Graz, Austria.
Essmayr, W., Kastner, F., Pernul, G., Preishuber, S., and Tjoa, A M. (1996) Authorization and Access Control in IRO-DB. Proc. of the 12th Int. Conf. on Data Engineering, New-Orleans, Louisiana, USA.
Essmayr, W., Kastner, F., Pernul, G., Tjoa, A M. (1996a) The Security Architecture of IRO-DB. Proc. 12th IFIP Int. Conf. on Information Security, Island of Samos, Greece.
Fernandez, E.B., Larrondo-Petrie, M.M., Gudes, E. (1993) A Method-Based Authorization Model for Object-Oriented Databases. Workshop in Computing: B Thuraisingham, R. Sandhu, T.C. Ting (Eds.) Security for Object-Oriented Systems, Washington DC.
Fernandez, E.B., Gudes, E. and Song, H. (1994) A Model for Evaluation and Administration of Security in Object-Oriented Databases. IEEE Trans. on Knowl. & Data Eng., Vol. 6 /2.
Gal-Oz, N., Gudes, E., Fernandez, E. B. (1993) A Model of Methods Access Authorization in Object-Oriented Databases. Proc. 19th VLDB Conference, Dublin, Irland.
Gardarin G., Gannouni S., Finance B., Fankhauser P., Klas W., Pastre D., Legoff R., Ramfos A. (1994). IRO-DB: A Distributed System Federating Object and Relational Databases. In Bukhres O. and Elmargarmid A.K., Object-Oriented Multidatabase Systems Prentice Hall.
Jonscher, D., Moffett, J. D., Dittrich, K. R. (1993). Complex subjects or: The Striving for Complexity is Ruling our World. Proc. 7th IFIP 11. 3 Working Conference on Database Security. Huntsville, AL, 1993.
Pernul, G. (1994) Database Security. In: Advances in Computers, Vol.38, pp. 1–72. ( M. C. Yovits, ed. ). Academic Press.
Sheth, A.P. and Larson, J.A. (1990) Federated Database Systems for Managing Distributed, Heterogeneous, and Autonomous Databases. ACM Computing Surveys, Vol. 22 /3.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1998 IFIP
About this chapter
Cite this chapter
Essmayr, W., Pernul, G., Tjoa, A.M. (1998). Access controls by object-oriented concepts. In: Lin, T.Y., Qian, S. (eds) Database Security XI. IFIP Advances in Information and Communication Technology. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35285-5_20
Download citation
DOI: https://doi.org/10.1007/978-0-387-35285-5_20
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-5041-2914-5
Online ISBN: 978-0-387-35285-5
eBook Packages: Springer Book Archive