期刊名称:International Journal of Computer Science and Information Technologies
电子版ISSN:0975-9646
出版年度:2012
卷号:3
期号:1
页码:3183-3186
出版社:TechScience Publications
摘要:Nowadays most of the commercial work make use of relational database management systems (RDBMS) to store a substantial amount of their data. Accessing information over the Internet has become an essential requirement. Authorization mechanisms in SQL permit access control at the level of complete tables or columns, or on views, providing coarse granularity. There is no direct way to control which tuples can be accessed by which users. Fine Grained Access Control (FGAC) is one of the ways to ensure data security. As per the requirements the granularity of fine grained access control can be on directories or folder level, database level, table level, even on individual record (tuple) and data field level. Access control is the process of mediating every request to resources and data maintained by a system and determining whether the request should be granted or denied. The access control decision is enforced by a mechanism implementing regulations established by a security policy. Corresponding to different criteria for defining what should, and what should not be allowed, different access control policies can be defined. In this paper, a novel access control model is proposed, which provides fine grained access control to shared data to authorized users. In proposed implementation, we have created a set of metatables, to store the data that make up the security policies, registered users and their authorization information. This allows policies to be created (or changed) dynamically. The access permissions are stored in the form of quadruple . Any change in policies doesn’t affect the application program. Moreover multiple policies defined to regulate user access together are also supported, which facilitates smooth access to user having multiple credentials without having him to mention each of his credentials at the time he makes request.
关键词:Access Control Policy; Data Security; Fine Grained;Access Control; RDBMS.ms.
