Fine-grained Access Control in Databases

Today, IT systems process countless terabytes of data, and we store a measurable portion of that data in relational database management systems (RDBMS). Access control in these IT systems is one of the cornerstones of any Information Security Policy. Such access control can be applied at different levels of granularity, such as the directory or folder level, the database level, the table level, and even the level of individual records (tuples) and data fields. In this report, I survey various models and mechanisms of fine-grained access control in databases. Different models exist for providing access control at a level finer than tables. This paper considers existing and upcoming theoretical models as well as models currently implemented in various database systems.
