Skip to main content
SpringerLink
Log in

A cryptographic mechanism for object-instance-based authorization in object-oriented database systems

  • Object Design and Modeling
  • Conference paper
  • First Online:
OOER '95: Object-Oriented and Entity-Relationship Modeling (ER 1995)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 1021))

Included in the following conference series:

  • 141 Accesses

Abstract

In this paper a mechanism for access control at the instance level of a class in object-oriented databases is suggested. The approach is based on the use of pseudo-random functions and sibling intractable functions. Each object-instance in the object-oriented model is associated with access keys that insure secure access to the object and all related objects. The security of the system depends on the difficulty of predicting the output of pseudorandom functions and finding extra collision for the sibling intractable function family. The authorization system supports ownership and granting/revoking of access rights.

Support for this project was provided in part by the Australian Research Council under the reference number A49530480.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. A. Baraani-Dastjerdi and J. Pieprzyk and R. Safavi-Naini and J. R. Getta. A Cryptographic Mechanism for Object-Instnace-Based Authorization in Object-Oriented Database Systems. Technical report, TR-95-1, Department of Computer Science, The University of Wollongong, Wollongong, Australia, 1995.

    Google Scholar 

  2. A. Baraani-Dastjerdi and J. R. Getta and J. Pieprzyk and R. Safavi-Naini. A Cryptographic Solution to Discretionary Access Control in Structurally Object-Oriented Databases. In Proceedings of the 6th Australian Database Conference (ADC'95), volume 17(2), pages 36–45, 1995.

    Google Scholar 

  3. D. B. Faatz and D. L. Spooner. Discretionary Access Control in Object-Oriented Engineering Database Systems. In Database Security IV: Status and Prospects, pages 73–83, 1991.

    Google Scholar 

  4. E. B. Fernandez and R. C. Summers and C. Wood. Database Security and Integrity. Addison-Wesley Publishing Company, 1981.

    Google Scholar 

  5. F. Rabitti and E. Bertino and W. Kim and D. Woelk. A Model of Authorization for Next-Generation Database Systems. ACM Transactions on Database Systems, 16(1):88–131, March 1991.

    Google Scholar 

  6. K. Dittrich. Object-Oriented Database Systems: The Notations and Issues. In Proceedings of the First International Workshop on Object-Oriented Database Systems. IEEE Computer Society Press, September 1986.

    Google Scholar 

  7. K. R. Dittrich and M. Hartig and H. Pfefferle. Discretionary Access Control In Structurally Object-Oriented Database Systems. In Database Security II: Status and Prospects, pages 105–121, 1989.

    Google Scholar 

  8. M. Atkinson and D. DeWitt and D. Maier and F. Bancilhon and K. Dittrich. The Object-Oriented Database System Manifesto. In Proceeding of First International Conference on DOOD89, pages 223–240, December 1989.

    Google Scholar 

  9. M. Naor and M. Yung. Universal one-way hash functions and their cryptographic applications. In Proceedings of the 21st ACM Symposium on Theory of Computing, pages 33–43. ACM, 1989.

    Google Scholar 

  10. P. P. Griffiths and B. W. Wade. An Authorization mechanism for a Relational Database System. ACM Transactions on Database Systems, 1(3):242–253, 1976.

    Google Scholar 

  11. S. G. Akl and P. D. Taylor. Cryptographic Solution To A Multilevel Security Problem. In Advances in Cryptology Proceedings of CRYPTO'82, pages 237–250. Plenum Press, 1982.

    Google Scholar 

  12. T. Hardjono and Y. Zheng and J. Seberry. A New Approach to Database Authentication. In Research and Practical Issues in Databases:Proceedings of the Third Australian Database Conference (Database'92), pages 334–342, 1992.

    Google Scholar 

  13. Won Kim. Object-Oriented Databases: Definition and Research Directions. IEEE Transactions on Knowledge and Data Engineering, 2(3):327–341, September 1990.

    Google Scholar 

  14. Y. Zheng and T. Hardjono and J. Pieprzyk. The Sibling Intractable Function Family (SIFF): Notation, Construction and Applications. IEICE Transactions, Fundamentals, E76-A(1):4–13, January 1993.

    Google Scholar 

  15. Yair Wand. A Proposal for a Formal Model of Objects. In Object-Oriented Concepts, Databases, and Applications, pages 537–559. Addison-Wesley, Reading, ACM Press, 1989.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, University of Wollongong, 2522, Wollongong, NSW, Australia

    Ahmad Baraani-Dastjerdi, Reihaneh Safavi-Naini, Josef Pieprzyk & Janusz R. Getta

Authors
  1. Ahmad Baraani-Dastjerdi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Reihaneh Safavi-Naini
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Josef Pieprzyk
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Janusz R. Getta
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Michael P. Papazoglou

Rights and permissions

Reprints and permissions

Copyright information

© 1995 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Baraani-Dastjerdi, A., Safavi-Naini, R., Pieprzyk, J., Getta, J.R. (1995). A cryptographic mechanism for object-instance-based authorization in object-oriented database systems. In: Papazoglou, M.P. (eds) OOER '95: Object-Oriented and Entity-Relationship Modeling. ER 1995. Lecture Notes in Computer Science, vol 1021. Springer, Berlin, Heidelberg. https://doi.org/10.1007/BFb0020519

Download citation

  • DOI: https://doi.org/10.1007/BFb0020519

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-60672-7

  • Online ISBN: 978-3-540-48527-8

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation