A model of access authorization is described for relational databases. In this model access permissions are a form of database knowledge, from which access permissions that apply to specific requests are inferred. Database access is specified in terms of views: a set of views is defined, and each user is granted permission to access one or more views. Users direct queries at the actual database, not at any particular view. When a request to access a view is presented to the database system, the system derives views of the request that are views of the views to which the user has access permission and presents the user only with these views. The model represents the definitions of views in special metarelations and extends standard algebraic operators to these relations.<<ETX>>
[1]
Amihai Motro,et al.
Integrity = validity + completeness
,
1989,
TODS.
[2]
David Maier,et al.
The Theory of Relational Databases
,
1983
.
[3]
Michael Stonebraker,et al.
Access control in a relational data base management system by query modification
,
1974,
ACM '74.
[4]
Moshé M. Zloof.
Query-by-Example: A Data Base Language
,
1977,
IBM Syst. J..
[5]
Bradford W. Wade,et al.
An authorization mechanism for a relational database system
,
1976,
TODS.
[6]
J. D. Uiiman,et al.
Principles of Database Systems
,
2004,
PODS 2004.