TRDBAC: Temporal reflective database access control

3 Author(s)
Zahid Rashid ; School of Electrical Engineering and Computer Science (SEECS), National University of Science and Technology, Islamabad, Pakistan ; Abdul Basit ; Zahid Anwar

Database access control policies can become extremely complex in large databases such as hospital medical systems, banks, and the enterprise resource planning systems of large enterprises. This complexity may result in security breaches if the policies are ambiguous, not well defined, or implemented incorrectly. One example is the HSBC database security breach reported in 2006, in which an ex-employee swiped almost 24,000 customers' accounts due to incorrect access policies. Access control policies define the rights and privileges of users on database objects. To keep these database systems secure, database security should provide controlled, protected access to the contents of a database as well as preserve the integrity, consistency, and overall quality of the data. To implement consistent database access control policies, the database security community has developed a number of models, such as the discretionary (DAC) and mandatory (MAC) access control models, the role-based access control model (RBAC), and reflective database access control (RDBAC). RDBAC is a relatively new and more expressive access control model that provides finer-grained control than the previous models. Moreover, a database privilege is expressed as a database query itself, rather than as a static privilege contained in an access control matrix. In this paper, we propose Temporal Reflective Database Access Control (TRDBAC), a new access control policy designed to address a limitation of RDBAC: the inability to express time constraints, just as TRBAC extends RBAC to incorporate the notion of time. To show how our new policy works, we demonstrate a case study on a student result information system, in which policies are written in a time-based extension of RDBAC and converted to SQL queries. Finally, we analyze the behavior of our new model.

Published in:

Emerging Technologies (ICET), 2010 6th International Conference on

Date of Conference:

18-19 Oct. 2010
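
The idea in the abstract, a privilege expressed as a query over the database's own contents and then restricted by a time constraint, sketched as an added example (not the paper's policy language or its case-study code). The `results` and `release_window` tables, their rows, and the function names are assumptions constructed for illustration.

```python
import sqlite3

# Constructed schema and rows (assumptions, not from the paper).
# The policy data (release_window) lives in the database it protects.
SCHEMA = """
CREATE TABLE results (student_id TEXT, course TEXT, grade TEXT);
CREATE TABLE release_window (course TEXT, opens_at TEXT, closes_at TEXT);
INSERT INTO results VALUES
  ('s1', 'CS101', 'A'), ('s1', 'CS202', 'B'), ('s2', 'CS101', 'C');
INSERT INTO release_window VALUES
  ('CS101', '2010-07-01T09:00:00', '2010-07-15T17:00:00'),
  ('CS202', '2010-07-10T09:00:00', '2010-07-20T17:00:00');
"""

# Reflective policy without time: a student may read rows whose
# student_id matches the requesting user. The privilege is a query.
RDBAC_SQL = """
SELECT course, grade FROM results
WHERE student_id = :user ORDER BY course
"""

# Same policy with a temporal constraint: the row is visible only while
# the course's release window is open (opens_at inclusive, closes_at
# exclusive). Fixed-width ISO-8601 strings compare correctly as text.
TRDBAC_SQL = """
SELECT r.course, r.grade
FROM results r JOIN release_window w ON w.course = r.course
WHERE r.student_id = :user
  AND :now >= w.opens_at AND :now < w.closes_at
ORDER BY r.course
"""

def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def rdbac_view(conn, user):
    return conn.execute(RDBAC_SQL, {"user": user}).fetchall()

def trdbac_view(conn, user, now):
    # 'now' is supplied by the enforcement layer, never by the requester.
    return conn.execute(TRDBAC_SQL, {"user": user, "now": now}).fetchall()

if __name__ == "__main__":
    db = build_db()
    print("no time constraint:", rdbac_view(db, "s1"))
    for t in ("2010-07-05T12:00:00", "2010-07-12T12:00:00", "2010-08-01T00:00:00"):
        print(t, trdbac_view(db, "s1", t))
```

Because the window is itself a table row, changing when results become visible is a data update rather than a change to grants, and a request outside every window returns no rows.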