Compile-Time Flow Analysis of Transactions and Methods in Object-Oriented Databases

Methods are an important characteristics of Object-oriented databases, Previous models for Discretionary access-control in 00 databases have considered policies for Methods and Inheritance. However, discretionary authorization models do not provide the high assurance required in systems where Information flow is considered a problem. Mandatory models can solve the problem but usually they are too rigid for commercial applications. Therefore discretionary, information-flow control models are needed, especially when transactions and methods invocations are considered.

[1]  Michael Stonebraker,et al.  The design and implementation of INGRES , 1976, TODS.

[2]  Elisa Bertino,et al.  Information Flow Control in Object-Oriented Systems , 1997, IEEE Trans. Knowl. Data Eng..

[3]  David K. Hsiao,et al.  Papers from the International Conference on Very Large Data Bases, September 22-24, 1975, Framingham, Massachusetts , 1976, ACM Trans. Database Syst..

[4]  Bradford W. Wade,et al.  An authorization mechanism for a relational database system , 1976, TODS.

[5]  Won Kim,et al.  Introduction to Object-Oriented Databases , 1991, Computer systems.

[6]  Ehud Gudes,et al.  A compile-time model for safe information flow in object-oriented databases , 1997, SEC.

[7]  Alfred V. Aho,et al.  Compilers: Principles, Techniques, and Tools , 1986, Addison-Wesley series in computer science / World student series edition.

[8]  Silvana Castano,et al.  Database Security , 1997, IFIP Advances in Information and Communication Technology.

[9]  Elisa Bertino,et al.  A Temporal Access Control Mechanism for Database Systems , 1996, IEEE Trans. Knowl. Data Eng..

[10]  Ehud Gudes,et al.  A Model for Evaluation and Administration of Security in Object-Oriented Databases , 1994, IEEE Trans. Knowl. Data Eng..