摘要:This is a discussion paper which presents a cryptographic solution for discretionary access control in object-oriented databases. Our approach is based on the use of pseudo-random functions and sibling intractable function families (SIFF). Each entity (object or class) in the object-oriented database model is associated with access keys that ensure secure access to that entity and all related entities. The main advantage of our approach is its ability to verify an access request during query processing. Pseudo-random functions and SIFF are applied in such a way that cryptographic keys can be generated from keys of related objects or users. The security of the system depends on the difficulty of predicting the output of pseudo-random functions and on finding extra collision for the sibling intractable function family. The authorization system supports ownership and granting/revoking of privileges.
