Access Controls by Object-Oriented Concepts

This paper introduces object-oriented access controls (OOAC) as a result of consequently applying the object-oriented paradigm for providing access controls in object and interoperable databases. OOAC includes: (1) subjects, like users, roles etc., are regarded as first-class objects, (2) objects are accessed by sending messages, and (3) access controls deal with controlling the flow of messages among objects. OOAC are not intended to replace legacy access control mechanisms which mainly have been designed and applied in non-object environments. Instead, they provide the basis for applying these concepts in true object-oriented environments. An object authorization language (OAL) is proposed for specifying authorizations in a declarative manner.

[1]  Béatrice Finance,et al.  IRO-DB: a distributed system federating object and relational databases , 1995 .

[2]  William E. Lorensen,et al.  Object-Oriented Modeling and Design , 1991, TOOLS.

[3]  Ehud Gudes,et al.  A Model for Evaluation and Administration of Security in Object-Oriented Databases , 1994, IEEE Trans. Knowl. Data Eng..

[4]  Peter Fankhauser,et al.  IRO-DB An Object-Oriented Approach towards Federated and Interoperable DBMS (Invited Paper) , 1994, ADBIS.

[5]  Ehud Gudes,et al.  A Model of Methods Access Authorization in Object-oriented Databases , 1993, VLDB.

[6]  Silvana Castano,et al.  Database Security , 1997, IFIP Advances in Information and Communication Technology.

[7]  Ehud Gudes,et al.  A Method-Based Authorization Model for Object-Oriented Databases , 1993, Security for Object-Oriented Systems.

[8]  Tom Atwood,et al.  Object Database Standard: ODMG-93, Release 1.2 , 1995 .

[9]  Elisa Bertino,et al.  Object-oriented database management systems: concepts and issues , 1991, Computer.

[10]  A. M. Tjoa,et al.  Access controls for federated database environments - taxonomy of design choices , 1995 .

[11]  R. G. G. Cattell,et al.  The Object Database Standard: ODMG-93 (Release 1.1) , 1994 .

[12]  Günther Pernul Database Security , 1994, Adv. Comput..

[13]  Klaus R. Dittrich,et al.  Complex Subjects, or: The Striving for Complexity is Ruling our World , 1993, DBSec.

[14]  Elisa Bertino,et al.  A model of authorization for next-generation database systems , 1991, TODS.

[15]  Elisa Bertino,et al.  Research Issues in Discretionary Authorizations for Object Bases , 1993, Security for Object-Oriented Systems.

[16]  Hans Hermann Brüggemann,et al.  Rights in an Object-Oriented Environment , 1991, DBSec.

[17]  Erich J. Neuhold,et al.  Federated Schemata in ODMG , 1994, East/West Database Workshop.

[18]  A Min Tjoa,et al.  Authorization and access control in IRO-DB , 1996, Proceedings of the Twelfth International Conference on Data Engineering.

[19]  A Min Tjoa,et al.  The security architecture of IRO-DB , 1996, SEC.

[20]  Elisa Bertino,et al.  Data hiding and security in object-oriented databases , 1992, [1992] Eighth International Conference on Data Engineering.

[21]  David Jordan,et al.  The Object Database Standard: ODMG 2.0 , 1997 .

[22]  David J. DeWitt,et al.  The Object-Oriented Database System Manifesto , 1994, Building an Object-Oriented Database System, The Story of O2.