Role-Based Access Control for Loosely Coupled Distributed Database Management Systems

Abstract

Much of the work to date to apply Role-Based Access Control (RBAC) to database management systems has focused on single database systems or an integrated distributed database system. For situations where the need exists to consolidate multiple independent databases, and where the direct integration of the databases is neither practical nor desirable, the application of RBAC requires that policy be enforced via a method that is distinct from the databases. The method must provide for the verification of the RBAC policy, while allowing for the independence of the various databases on which the policy is enforced. This paper proposes a model for an application that provides for a web-based interface for users to be granted access to data held in various independent databases. The application enforces a strict RBAC policy on a well-defined set of accesses, while alleviating the need for users to have a separate account on each of the databases.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2002
Accession Number
ADA401631

Entities

People

  • Faouzi Hammoudi
  • Greg Nygard

Organizations

  • Naval Postgraduate School

Tags

Communities of Interest

  • Biomedical
  • C4I
  • Cyber
  • Ground and Sea Platforms

DTIC Thesaurus Topics

  • Authentication
  • Computer Access Control
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cryptography
  • Cybersecurity
  • Database Management Systems
  • Databases
  • Domain Specific Programming Languages
  • Information Systems
  • Lists (Data Structures)
  • Operating Systems
  • Security Personnel
  • Systems Engineering
  • Web Browsers

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Database Systems and Applications
  • Systems Analysis and Design