Flexible and efficient access control in oracle

A single model for access control across the database and application server tiers is crucial to ensure consistent secure access to data in all the tiers. In this paper, we present the common model for access control within Oracle database and application tiers which is based on the standard WebDAV ACLs (Access Control Lists). Further, we discuss the flexible mechanisms for defining ACLs and associating them with data and various optimization techniques for efficiently evaluating ACLs in large scale enterprise applications.

[1]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[2]  Amihai Motro,et al.  An access authorization model for relational databases based on algebraic manipulation of view definitions , 1989, [1989] Proceedings. Fifth International Conference on Data Engineering.

[3]  Elena Ferrari,et al.  Database Security , 2009, Encyclopedia of Database Systems.

[4]  Vikas Arora,et al.  Towards an enterprise XML architecture , 2005, SIGMOD '05.

[5]  Amihai Motro Panorama: A database system that annotates its answers to queries with their properties , 2004, Journal of Intelligent Information Systems.

[6]  Virgil D. Gligor,et al.  Characteristics of role-based access control , 1996, RBAC '95.

[7]  S. Sudarshan,et al.  Extending query rewriting techniques for fine-grained access control , 2004, SIGMOD '04.

[8]  E. James Whitehead,et al.  HTTP Extensions for Distributed Authoring - WEBDAV , 1999, RFC.