187,812 Hits in 5.2 sec

A relational database integrity framework for access control policies

Romuald Thion, Stéphane Coulondre
2010 Journal of Intelligent Information Systems  
This framework is closely tied to relational database integrity models. We then show how to use well-founded procedures in order to enforce and check constraints.  ...  First-order logic has been advocated for some time as a suitable framework for access control models. Many frameworks have been proposed, focusing mainly on expressing complex access control models.  ...  As we will see in the next section, this framework is a subset of the general framework proposed for access control constraints, that relies on database integrity theory.  ... 
doi:10.1007/s10844-010-0146-z fatcat:fzzeqq4ucbdxdivakygewvn47a

Framework for Digital Data Access Control from Internal Threat in the Public Sector

Haslidah Halim, Maryati Mohd
2019 International Journal of Advanced Computer Science and Applications  
This framework can serve as a guideline for the public sector in managing internal threats to reduce security incidents involving unauthorized access to digital personal data.  ...  A comprehensive framework is developed based on the identified security control elements and validated using a case study.  ...  ACKNOWLEDGMENT We thank all study participants from NRD for their collaboration.  ... 
doi:10.14569/ijacsa.2019.0100809 fatcat:bv2te4mwfzekdmknjm7cc6hzlu

Model-Driven Integration and Analysis of Access-control Policies in Multi-layer Information Systems [chapter]

Salvador Martínez, Joaquin Garcia-Alfaro, Frédéric Cuppens, Nora Cuppens-Boulahia, Jordi Cabot
2015 IFIP Advances in Information and Communication Technology  
For the specific case of access-control, access-control policies may be found in several components (databases, networks and applications) all, supposedly, working together in order to meet the high level  ...  In this work we propose an integration mechanism for accesscontrol policies to enable the analysis of the system security.  ...  XACML Policy Language XACML [9] is an access control policy language and framework fulfilling these requirements.  ... 
doi:10.1007/978-3-319-18467-8_15 fatcat:w2cgduwbabgvpcv74ik7o6aeyu

A General Framework for Multi-level security to restrict unauthorized users in Sulaymaniyah E-Court Database

Rzgar Sirwan Raza
2016 International Journal Of Engineering And Computer Science  
In this paper we propose a general framework for Multi-Level Security (MLS) in Sulaymaniyah E-Court database.  ...  This database can access by hundreds of clients. We propose a framework to increase security needs of database systems.  ...  Our approach uses integrity constraint, access control and query modification to enforce mandatory access controls, specified by means of constraints, on every client's access request.  ... 
doi:10.18535/ijecs/v5i5.50 fatcat:4ac37vzmszapzmkwxkxrw3cerq

Automatic Obligation Generation and Monitor System for Privacy Policy to DBMS

Mary TreesaThomas, Kanagaraj R., Lakshmi Vidyadharan
2015 International Journal of Computer Applications  
Data stored in the database includes personnel and sensitive data. Privacy policies in the database management system can control collection, access and disclosure of data.  ...  The main objective this project is to enable a monitor for implementing privacy policies which specifies obligations. Based on the obligations monitor can control the SQL code execution.  ...  Several controlling measures in database are access control, auditing, authentication, encryption, integrity controls, backups etc.  ... 
doi:10.5120/20003-1934 fatcat:wx6f76cv3ve6vlam4rkplyhc24

An Approach for Secure Semantic Data Integration at Data as a Service (DaaS) Layer

Shoohira Aftab, Hammad Afzal, Amna Khalid
2015 International Journal of Information and Education Technology  
Index Terms-Access control management, data as a service (DaaS), data integration, interoperability.  ...  control system for defining explicit privacy constraints.  ...  The framework will be providing following features.  A framework for data integration from heterogeneous resources.  Access control management from the perspective of data providers and data consumer  ... 
doi:10.7763/ijiet.2015.v5.488 fatcat:7qba6ne5urd4vlmjxmtav45yma

A Conceptual Framework of Information Security Database Audit and Assessment

Muneeb -ul-Hasan, Siti Hajar Othman
2019 International Journal of Innovative Computing  
With database security, the IT service roles within an organization become integrated hence giving the overall IT operating model a more structured layout.  ...  As such, a proper execution and implementation of database system would include a stringent set of checks and audit processes.  ...  ACKNOWLEDGMENT The authors wish to thank the Centre for Information and Communication Technology (CICT) at Universiti Teknologi Malaysia and other related ICT experts involved for evaluation contribution  ... 
doi:10.11113/ijic.v9n1.206 fatcat:j5tjprz7nncatlvbek6avy5fha

PRIVATE-IYE: A Framework for Privacy Preserving Data Integration

S.S. Bhowmick, L. Gruenwald, M. Iwaihara, S. Chatvichienchai
2006 22nd International Conference on Data Engineering Workshops (ICDEW'06)  
Data integration has been a long standing challenge to the database and data mining communities.  ...  In [7] , Agrawal et al. proposed a server-centric architecture for implementing P3P, in which the P3P policies (in XML format) are shredded into a relational database.  ...  The objective of the privacy policy formulation framework is to provide a mechanism for defining private data and privacy policies for both sources and users in the context of data integration and sharing  ... 
doi:10.1109/icdew.2006.117 dblp:conf/icde/BhowmickGIC06 fatcat:vjssm4cotnfzvotc3oni3pzgue

Integrated Database Security System Architectures based on WCF Services

Ayman Mohamed Mostafa, Mohamed Hashem Abdel Aziz, Ibrahim Mahmoud El-henawy
2012 Journal of Internet Technology and Secured Transaction  
The main goal of this paper is to provide integrated database security system architectures based on Windows Communication Foundation (WCF) services using a set of effective database security policies.  ...  Database security is a set of mechanisms, rules, and procedures that can be used to ensure confidentiality, integrity, and availability of data to protect database from unintended activities.  ...  This paper presents a comprehensive integration between access control mechanisms, cryptography techniques and intrusion detection systems for providing multi-layer policies for protecting database.  ... 
doi:10.20533/jitst.2046.3723.2012.0010 fatcat:gw2lznsp25brdkmssix6qys6ga

Tuple-based access control

Romuald Thion, François Lesueur, Meriam Talbi
2015 Proceedings of the 30th Annual ACM Symposium on Applied Computing - SAC '15  
We show that the framework can capture a large class of policies similar to those of lattice-based access control models and that it can be integrated seamlessly into relational database management systems  ...  This paper proposes a flexible control framework for relational personal data that enforces data originators' dissemination policies.  ...  Acknowledgments The authors gratefully thank the anonymous referees for their constructive suggestions and thorough reviews.  ... 
doi:10.1145/2695664.2695758 dblp:conf/sac/ThionLB15 fatcat:t6gxfsindfft3iwtukuip7otvq

A Measurable Approach for Access and Control Modeling in SOA

JunKai Gu, Ling Han, Bo Wang
2011 International Journal of Engineering and Manufacturing  
However, problems in security guard for service access remains unresolved especially for the measurable one. we proposed a novel access control model, which we called SACM: Service Access Control Model  ...  Our model is mainly based on the role access policy, extended with trust authority transition and integration mechanism, to fulfill an extensive and measurable access control modeling approach with Crypto-CCS  ...  Conclusion and further works We proposed an accessing control model for SOA framework.  ... 
doi:10.5815/ijem.2011.02.09 fatcat:mjag4ql4bnfphlwcxx3raadzta

Dynamic Access Control in a Document Data Store

Kriti Srivastava, Priyal Shah, Khushali Shah, Narendra Shekokar
2017 International Journal of Advanced Research in Computer Science and Software Engineering  
The wide expansion of the Internet has set new requirements for access control policy specification.  ...  In order to implement a security framework, it is mandatory to provide real time and on demand access control management approach that should take care of: Data integration and sanitation, multi-tenancy  ...  In this paper we have incorporated the support for PBAC to introduce access control and contribute towards a much needed privacy framework in the relatively new NoSQL database.  ... 
doi:10.23956/ijarcsse/v7i5/0107 fatcat:auob4a32drevfesi5hirnsj2vy

The security architecture of IRO-DB [chapter]

Wolfgang Eßmayr, Friedrich Kastner, Günther Pernul, A. Min Tjoa
1996 IFIP Advances in Information and Communication Technology  
This paper describes the security architecture of the IRO-DB database federation, a system supporting interoperable access between relational and object-oriented databases.  ...  The security policy developed is a federated, administrative, discretionary access control policy supporting positive, negative, as well as implied authorizations.  ...  (Germany), and FA W Linz (Austria), for many interesting discussions on technical meetings.  ... 
doi:10.1007/978-1-5041-2919-0_22 fatcat:rtztgfpnovhbrlwq2vq3mxcqpy

Anomalies Correlation for Risk-Aware Access Control Enhancement

Pierrette Annie Evina, Faten Labbene Ayachi, Faouzi Jaidi, Adel Bouhoula
2018 Proceedings of the 13th International Conference on Evaluation of Novel Approaches to Software Engineering  
In the context of database management systems (DBMS), the integrity of access control policies (ACP) is a constantly neglected aspect.  ...  So, considering regular ACP updating activities, we pay a particular attention on anomalies in ACP expression.  ...  Listing anomalies related to unauthorized update of access control policy. 2.  ... 
doi:10.5220/0006766802990304 dblp:conf/enase/EvinaAJB18 fatcat:bmntox3ma5dg3jdrrbqdtrs3fq

Observation-Based Fine Grained Access Control for XML Documents [chapter]

Raju Halder, Agostino Cortesi
2011 Communications in Computer and Information Science  
In this paper, we extend to the context of XML documents the notion of Observation-based Fine Grained Access Control (OFGAC) which was originally designed for the relational databases.  ...  to their access rights, represented by a specific property.  ...  OFGAC for XML We are now in position to introduce the notion of access control policy specification for XML under OFGAC framework.  ... 
doi:10.1007/978-3-642-27245-5_32 fatcat:con63b6iznbxppgrqemo52fdim
« Previous Showing results 1 — 15 out of 187,812 results