Synonyms
Related Concepts
Definition
Databases have many users viewing and accessing data, which makes security a major concern. SQL roles, which grant and deny permissions to groups of users, are used to control access to data, allowing users to view or modify only the data they are authorized to access. More precisely, a role defines what a user can and cannot do within a database, and multiple users can share the same role.
Background
Roles are part of the tiered security model: they can be used to manage login security (connections to the server), database security (appropriate access to a database), and appropriate access to individual database objects and data. When the user logs in to the server by entering a password, access to the stored databases is determined by user accounts. After gaining access to an actual database, the user is restricted to the data he or she can view and modify. The main benefit of...
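The three tiers described above, shown as an added example that is not part of the original entry. It assumes the SQL Server (T-SQL) dialect, and every login, user, role, database and table name in it is a constructed placeholder.

```sql
-- Tier 1: server logins authenticate the connection to the server.
-- Replace the placeholder passwords before running.
CREATE LOGIN alice_login WITH PASSWORD = '<set-a-strong-password>';
CREATE LOGIN bob_login   WITH PASSWORD = '<set-a-strong-password>';
GO
CREATE DATABASE SalesDemo;
GO
USE SalesDemo;
GO
-- Tier 2: database users map each login into this one database.
CREATE USER alice FOR LOGIN alice_login;
CREATE USER bob   FOR LOGIN bob_login;

-- Constructed sample objects to protect.
CREATE TABLE dbo.Orders  (OrderId    int PRIMARY KEY, Amount decimal(10,2));
CREATE TABLE dbo.Payroll (EmployeeId int PRIMARY KEY, Salary decimal(10,2));
GO
-- Tier 3: object permissions are attached to a role, not to individuals.
CREATE ROLE sales_clerk;
GRANT SELECT, INSERT, UPDATE ON dbo.Orders TO sales_clerk;
-- DENY takes precedence over a GRANT the member might receive elsewhere.
DENY SELECT ON dbo.Payroll TO sales_clerk;

-- Several users share the same role.
ALTER ROLE sales_clerk ADD MEMBER alice;
ALTER ROLE sales_clerk ADD MEMBER bob;
GO
-- Check the effective permissions as one of the members.
EXECUTE AS USER = 'alice';
SELECT HAS_PERMS_BY_NAME('dbo.Orders',  'OBJECT', 'SELECT') AS can_read_orders,
       HAS_PERMS_BY_NAME('dbo.Orders',  'OBJECT', 'DELETE') AS can_delete_orders,
       HAS_PERMS_BY_NAME('dbo.Payroll', 'OBJECT', 'SELECT') AS can_read_payroll;
REVERT;

-- Audit who currently holds the role.
SELECT r.name AS role_name, m.name AS member_name
FROM sys.database_role_members AS drm
JOIN sys.database_principals AS r ON r.principal_id = drm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = drm.member_principal_id
WHERE r.name = 'sales_clerk';
```

DELETE on `dbo.Orders` was never granted, so it is refused by default, while SELECT on `dbo.Payroll` is refused explicitly and stays refused even if another role later grants it.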
Copyright information
© 2011 Springer Science+Business Media, LLC
About this entry
Cite this entry
Campi, A. (2011). Roles in SQL. In: van Tilborg, H.C.A., Jajodia, S. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5906-5_685
DOI: https://doi.org/10.1007/978-1-4419-5906-5_685
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5905-8
Online ISBN: 978-1-4419-5906-5
eBook Packages: Computer Science; Reference Module Computer Science and Engineering