An Authorization Model for Temporal and Derived Data: Securing Information Portals

ACM Transactions on Information and System Security

Volumn 5, Issue 1, 2002, Pages 62-94

  Atluri, Vijayalakshmi ^a   Gal, Avigdor ^b  

^a RUTGERS UNIVERSITY   (United States)

^b Department of Management Science and Information Systems ^*  (United States)

Author keywords

Access Control; Authorization Administration; Derived Data; Security; Temporal Data

Indexed keywords

EID: 0008724838     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/504909.504912     Document Type: Article

References (36)

1. Atluri, V. and Huang, W.-K. 1996. An Authorization Model for Workflows. In Proceedings of the Fifth European Symposium on Research in Computer Security (Sept.), in Lecture Notes in Computer Science, vol. 1146, Springer-Verlag, New York, 44-64.
2. Atluri, V. and Huang, W.-K. 1997. Enforcing mandatory and discretionary security in workflow management systems. J. Comput. Sec. 5, 4, 303-339.
3. Bertino, E., Bettini, C., and Samarati, P. 1994. A Temporal Authorization Model. In Proceedings of the second ACM conference on computer and communications security (Fairfax, Va., Nov.), 126-135.
4. Bertino, E., Ferrari, E., and Atluri, V. 1997. A Flexible Model Supporting the Specification and Enforcement of Role-Based Authorizations in Workflow Management Systems. In Proceedings of the Second ACM Workshop on Role-Based Access Control (Nov.), 1-12.
5. Bertino, E., Samarati, P., and Jajodia, S. 1993a. Authorizations in Relational Database Management Systems. In Proceedings of the First ACM Conference on Computer and Communications Security (Fairfax, Va., Nov.), 130-139.
6. Bertino, E., Samarati, P., and Jajodia, S. 1993b. High Assurance Discretionary Access Control for Object Bases. In Proceedings of the First ACM Conference on Computer and Communications Security (Fairfax, Va., Nov.), 140-150.
7. Bertino, E., Bettini, C., Ferrari, E., and Samarati, P. 1996. A Temporal Access Control Mechanism for Database Systems. IEEE Trans. Knowl. Data Eng. 8, 1, 67-80.
8. Bertino, E., Bettini, C., Ferrari, E., and Samarati, P. 1998. An Access Control Model Supporting Periodicity Constraints and Temporal Reasoning. ACM Trans. Database Sys. 23, 3, 231-285.
9. Blaustein, B., Mccollum, C., Notargiacomo, L., Smith, K., and Graubart, R. 1995. Autonomy and Confidentiality: Secure Federated Data Management. In Proceedings of the Second International Workshop on Next Generation Information Technologies and Systems (NGITS'95) (Nahariya, Israel, June), 59-68.
10. Clark, D. D. and Wilson, D. R. 1987. A Comparison of Commercial and Military Computer Security Policies. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland, Calif., April), 184-194.
11. Clifford, J. and Tansel, A. U. 1985. On an Algebra for Historical Relational Databases: Two Views. In Proceedings of ACM SIGMOD (May), 247-265.
12. di Vimercati, S. D. C. and Samarati, P. 1997. Authorization Specification and Enforcement in Federated Database Systems. J. Comput. Sec. 5, 2, 155-188.
13. Etzion, O. 1993. Pardes-A Data-Driven Oriented Active Database Model. ACM SIGMOD Rec. 22, 1 (March), 7-14.
14. Fernandez, E. B., Gudes, E., and Song, H. 1989. A Security Model for Object-Oriented Databases. In Proceedings of the IEEE Symposium on Security and Privacy (May), 110-115.
15. Gal, A. 1999. Semantic Interoperability in Information Services: Experiencing with Coopware. ACM SIGMOD Rec. 28, 1, 68-75.
16. Gal, A. and Atluri, V. 2000. An Authorization Model for Temporal Data. In Proceedings of the Seventh ACM Conference on Computer and Communication Security (Athens, Greece, Nov.), 144-153.
17. Gal, A., Etzion, O., and Segev, A. 1996. Tale-A Temporal Active Language and Execution Model. In Advanced Information Systems Engineering, P. Constantopoulos, J. Mylopoulos, and Y. Vassiliou, Eds., Springer-Verlag, New York, 60-81.
18. Jensen, C., Clifford, J., Gadia, S., Segev, A., and Snodgrass, R. 1992. A Glossary of Temporal Database Concepts. ACMSIGMOD Rec. 21, 3, 35-43.
19. Jonscher, D. and Dittrich, K. 1994. An Approach for Building Secure Database Federations. In Proceedings of the Twentieth International Conference on Very Large Data Bases (VLDB'94) (Santiago de Chile, Chile), J. Bocca, M. Jarke, and C. Zaniolo, Eds., Morgan Kaufmann, San Mateo, Calif., 24-35.
20. Pissinou, N., Snodgrass, R., Elmasri, R., Mumick, I., Ozsu, M., Pernici, B., Segev, A., and Theodoulidis, B. 1994. Towards an Infrastructure for Temporal Databases-A Workshop Report. ACM SIGMOD Rec. 23, 1, 35.
21. Rabitti, F., Bertino, E., Kim, W., and Woelk, D. 1991. A Model of Authorization for Next-Generation Database Systems. ACM Trans. Database Syst. 16, 1 (March), 88-131.
22. Rosenthal, A. and Sciore, E. 1998. Propagating Integrity Information Among Interrelated Databases. In Proceedings of the IFIP 11.6 Workshop on Data Integrity and Control (Warrenton Va.), 5-18.
23. Rosenthal, A. and Sciore, E. 1999. First Class Views: A Key to User-Centered Computing. SIGMOD Rec. 28, 3, 22-28.
24. Rosenthal, A., Sciore, E., and Doshi, V. 1999. Security Administration for Federations, Warehouses, and Other Derived Data. In Research Advances in Database and Information Systems Security, 209-223.
25. Samarati, P., Ammann, P., and Jajodia, S. 1994. Propagation of Authorizations in Distributed Database Systems. In Proceedings of the Second ACM Conference on Computer and Communications Security (Fairfax, Va., Nov.), 136-147.
26. Samarati, P., Bertino, E., and Jajodia, S. 1996. An Authorization Model for a Distributed Hypertext System. IEEE Trans. Knowl. Data Eng. 8, 4, 555-562.
27. Sandhu, R. S. 1988. Transaction Control Expressions for Separation of Duties. In Proceedings of the Fourth Computer Security Applications Conference, 282-286.
28. Sandhu, R. S. 1991. Separation of Duties in Computerized Information Systems. In Database Security, IV: Status and Prospects, S. Jajodia and C. Landwehr, Eds., North Holland, Amsterdam, The Netherlands, 179-189.
29. Sandhu, R. S. et al. 1996. Role-Based Access Control Models. IEEE Computer 29, 2 (Feb.), 38-47.
30. Shoham, Y. 1988. Reasoning About Change: Time and Causation from the Standpoint of Artificial Intelligence. MIT Press, Cambridge, Mass.
31. Spooner, D. L. 1989. The Impact of Inheritance on Security in Object-Oriented Database Systems. In Database Security, II: Status and Prospects, Carl E. Landwehr, Ed., North-Holland, Amsterdam, The Netherlands, 141-160.
32. Templeton, M., Lund, E., and Ward, P. 1987. Pragmatics of Access Control in Mermaid. Data Eng. 10, 3 (Sept.), 33-38. Special Issue on Federated Database Systems.
33. Thomas, R. K. and Sandhu, R. S. 1993. Discretionary Access Control in Object-Oriented Databases. In Proceedings of the Sixteenth National Computer Security Conference (Baltimore, Md., Sept.), 63-74.
34. Wang, C. and Spooner, D. 1987. Access Control in a Heterogeneous Distributed Database Management System. In Proceedings of the IEEE Sixth Symposium on Reliability in Distributed Software and Database Systems (Williamsburg, Va., March), 84-92.
35. Woo, T. Y. and Lam, S. S. 1992. Authorization in Distributed Systems: A Formal Approach. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland, Calif., May), 33-50.
36. Woo, T. Y. and Lam, S. S. 1993. A Framework for Distributed Authorization. In Proceedings of the First ACM Conference on Computer and Communications Security (Fairfax, Va., Nov.), 112-118.