Skip to Main Content
In this paper, we present a technique that can efficiently identify anomalous accesses to the database by using an authorization rule system which has been designed for implementing a user dynamic access control system which will secure inter-operation of independently managed database services in an open, distributed environment. Traditional authorization models do not adequately meet access control requirements typical to databases, a separate authorization rule subsystem has been designed which is based on temporal event matching language (TEML). The rule specified in this security system is in event-time-condition-action (ETCA) format. XML is used for defining the authorization rules and the security rules. We could extract XML access control data from several platforms and represent the access control data for the entire enterprise through a common model. Similarly, access control data under an enterprise model can be translated to ones that are native to the platforms.
TENCON 2003. Conference on Convergent Technologies for the Asia-Pacific Region (Volume:3 )
Date of Conference: 15-17 Oct. 2003