We found a match
Your institution may have access to this item. Find your institution then sign in to continue.
- Title
Secure, Dynamic and Distributed Access Control Stack for Database Applications.
- Authors
Pereira, Óscar Mortágua; Regateiro, Diogo Domingues; Aguiar, Rui L.
- Abstract
In database applications, access control security layers are mostly developed from tools provided by vendors of database management systems and deployed in the same servers containing the data to be protected. This solution conveys several drawbacks. Among them we emphasize: (1) if policies are complex, their enforcement can lead to performance decay of database servers; (2) when modifications in the established policies implies modifications in the business logic (usually deployed at the client-side), there is no other possibility than modify the business logic in advance and, finally, 3) malicious users can issue CRUD expressions systematically against the DBMS expecting to identify any security gap. In order to overcome these drawbacks, in this paper we propose an access control stack characterized by: most of the mechanisms are deployed at the client-side; whenever security policies evolve, the security mechanisms are automatically updated at runtime and, finally, client-side applications do not handle CRUD expressions directly. We also present an implementation of the proposed stack to prove its feasibility. This paper presents a new approach to enforce access control in database applications, this way expecting to contribute positively to the state of the art in the field.
- Subjects
COMPUTER access control software; DATABASE management; DISTRIBUTED computing; APPLICATION software; DATA security; SQL
- Publication
International Journal of Software Engineering & Knowledge Engineering, 2015, Vol 25, Issue 9/10, p1703
- ISSN
0218-1940
- Publication type
Article
- DOI
10.1142/S0218194015710035