Article

Flexible and efficient access control in oracle

Authors:

Ravi Murthy,

Eric SedlarAuthors Info & Claims

SIGMOD '07: Proceedings of the 2007 ACM SIGMOD international conference on Management of data

Pages 973 - 980

https://doi.org/10.1145/1247480.1247596

Published: 11 June 2007 Publication History

Get Access

Abstract

A single model for access control across the database and application server tiers is crucial to ensure consistent secure access to data in all the tiers. In this paper, we present the common model for access control within Oracle database and application tiers which is based on the standard WebDAV ACLs (Access Control Lists). Further, we discuss the flexible mechanisms for defining ACLs and associating them with data and various optimization techniques for efficiently evaluating ACLs in large scale enterprise applications.

References

[1]

Oracle Database Security Guide, Oracle RDBMS 10gR2.

Google Scholar

[2]

HTTP Extensions for Distributed Authoring-WebDAV. RFC 2518. http://webdav.org

Google Scholar

[3]

WebDAV Access Control Protocol. RFC 3744. http://webdav.org/acl

Google Scholar

[4]

Network File System (NFS) version 4 Protocol. RFC 3530. http://www.ietf.org/rfc/rfc3744

Google Scholar

[5]

Oracle XML DB Developer's Guide, Oracle RDBMS 10gR2.

Google Scholar

[6]

R. Murthy, et al. Towards an enterprise XML architecture, SIGMOD 2005.

Digital Library

Google Scholar

[7]

S. Rizvi, A. Mendelzon, S. Sudarshan, P. Roy. Extending Query Rewriting Techniques for Fine-Grained Access Control. SIGMOD 2004.

Digital Library

Google Scholar

[8]

R. Sandhu, E. Coyne, H. Feinstein, and C. Youman. Role-Based Access Control Models. IEEE Computer, 29(2), 1996.

Digital Library

Google Scholar

[9]

S. Castano, M. Fugini, G. Martella, and P. Samarati. Database Security. Addison-Wesley, 1995.

Digital Library

Google Scholar

[10]

V. Gligor. Characteristics of role-based access control. In ACM Symp. on Access Control Models and Technologies, 1996.

Digital Library

Google Scholar

[11]

A. Motro. An access authorization model for relational databases based on algebraic manipulation of view definitions. In ICDE, pages 339--347, 1989.

Digital Library

Google Scholar

[12]

A. Motro. Panorama: A database system that annotates its answers to queries with their properties. Journal of Intelligent Information Systems, 7(1):51--73, Sept. 1996.

Digital Library

Google Scholar

[13]

OASIS eXtensible Access Control Markup Language (XACML) TC. http://www.oasis-open.org/committees/xacml

Google Scholar

[14]

D. F. Ferraiolo, D. R. Kuhn, R. Chandramouli, Role Based Access Control, Artech House, 2003.

Digital Library

Google Scholar

Cited By

View all

Sul RBrandao BAzevedo LBaiao FCappelli CSiqueira SCarvalho S(2015)Management of Authorization Rules Using Conceptual ModelProceedings of the annual conference on Brazilian Symposium on Information Systems: Information Systems: A Computer Socio-Technical Perspective - Volume 110.5555/2814058.2814113(339-346)Online publication date: 26-May-2015
https://dl.acm.org/doi/10.5555/2814058.2814113
Vimercati SForesti SJajodia SParaboschi SPsaila GSamarati P(2012)Integrating trust management and access control in data-intensive Web applicationsACM Transactions on the Web10.1145/2180861.21808636:2(1-43)Online publication date: 4-Jun-2012
https://dl.acm.org/doi/10.1145/2180861.2180863
Berkovic IIvankovic ZMarkoski BRadosav DIvkovic M(2010)Optimization of bulk operation performances within Oracle databaseIEEE 8th International Symposium on Intelligent Systems and Informatics10.1109/SISY.2010.5647277(163-167)Online publication date: Sep-2010
https://doi.org/10.1109/SISY.2010.5647277
Show More Cited By

Index Terms

Flexible and efficient access control in oracle
1. Security and privacy
  1. Database and storage security
2. Theory of computation
  1. Theory and algorithms for application domains
    1. Database theory
      1. Theory of database privacy and security

Recommendations

Permission based granular access control pattern
PLoP '14: Proceedings of the 21st Conference on Pattern Languages of Programs

Enterprise applications are designed to address specific business needs and are generally run within the internal corporate networks. Access to enterprise applications is controlled by various corporate policies, based on numerous widely accepted ...
Practical Role-Based Access Control

This article presents access control from a general and a role-based perspective. The article's focus is role based Access Control from a practical vice a theoretical perspective. The article starts with some access control definitions and two secure ...
Flexible team-based access control using contexts
SACMAT '01: Proceedings of the sixth ACM symposium on Access control models and technologies

We discuss the integration of contextual information with team-based access control. The TMAC model was formulated by Thomas in [1] to provide access control for collaborative activity best accomplished by teams of users. In TMAC, access control ...

Comments

Information & Contributors

Information

Published In

SIGMOD '07: Proceedings of the 2007 ACM SIGMOD international conference on Management of data

June 2007

1210 pages

ISBN:9781595936868

DOI:10.1145/1247480

General Chairs:
Lizhu Zhou
Tsinghua University, China
,
Tok Wang Ling
National University of Singapore, Singapore
,
Program Chair:
Beng Chin Ooi
National University of Singapore, Singapore

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 June 2007

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SIGMOD/PODS07

Sponsor:

SIGMOD/PODS07: International Conference on Management of Data

June 11 - 14, 2007

Beijing, China

Acceptance Rates

Overall Acceptance Rate 785 of 4,003 submissions, 20%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
49
Total Downloads

Downloads (Last 12 months)8
Downloads (Last 6 weeks)0

Reflects downloads up to 07 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Sul RBrandao BAzevedo LBaiao FCappelli CSiqueira SCarvalho S(2015)Management of Authorization Rules Using Conceptual ModelProceedings of the annual conference on Brazilian Symposium on Information Systems: Information Systems: A Computer Socio-Technical Perspective - Volume 110.5555/2814058.2814113(339-346)Online publication date: 26-May-2015
https://dl.acm.org/doi/10.5555/2814058.2814113
Vimercati SForesti SJajodia SParaboschi SPsaila GSamarati P(2012)Integrating trust management and access control in data-intensive Web applicationsACM Transactions on the Web10.1145/2180861.21808636:2(1-43)Online publication date: 4-Jun-2012
https://dl.acm.org/doi/10.1145/2180861.2180863
Berkovic IIvankovic ZMarkoski BRadosav DIvkovic M(2010)Optimization of bulk operation performances within Oracle databaseIEEE 8th International Symposium on Intelligent Systems and Informatics10.1109/SISY.2010.5647277(163-167)Online publication date: Sep-2010
https://doi.org/10.1109/SISY.2010.5647277
Goyal VSureka ALal S(2010)AccKWProceedings of the 6th international conference on Databases in Networked Information Systems10.1007/978-3-642-12038-1_8(107-121)Online publication date: 29-Mar-2010
https://dl.acm.org/doi/10.1007/978-3-642-12038-1_8
Xiao XJung ECurrim F(undefined)Quips, MD: Query Information Privacy and Security, for Medical DataSSRN Electronic Journal10.2139/ssrn.1357866
https://doi.org/10.2139/ssrn.1357866

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Permission based granular access control pattern

Practical Role-Based Access Control

Flexible team-based access control using contexts

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations