ABSTRACT
The basic model of semantics for protection languages is reviewed. Advanced protection features are introduced into the model and their impact on authorization and enforcement is discussed. History keeping allows access dependency upon the occurrence of previous data operations. Auxiliary program invocation provides for additional (procedural) protection measures. Extended authorization permits a user to utilize, via authorized procedures, data which are not directly accessible by him. Examples are used to explain each of these features. The enforcement process for full specifications is illustrated with an example.
- 1.R.F. Boyce, et al., Specifying queries as relational expressions, ACM-SIGPLAN Notices, vol.10, no. 1, January 1975.Google Scholar
- 2.CODASYL Database Task Group, Report to the Programming Language Committee, rev. April 1971.Google Scholar
- 3.Arthur Evans Jr., et al., A user authentication scheme not requiring secrecy in the computer, Communications of the ACM, vol. 17, no. 8, August 1974, 437-442. Google ScholarDigital Library
- 4.Donald I. Good, Provable programming, Proceedings of the International Conference on Reliable Software, printed in ACM-SIGPLAN Notices, vol. 10, no. 6, June 1975, 411-419. Google ScholarDigital Library
- 5.H. Rex Hartson and David K. Hsiao, A semantic model for database protection languages, Proceedings of the Second International Conference on Very Large Database, North Holland Publishing Co., Brussels, Belgium, September 1976. Google ScholarDigital Library
- 6.Lance J. Hoffman, The formulary model for flexible privacy and access control, Proceedings FJCC, vol. 39, 1971, 587-601.Google Scholar
- 7.L. J. Hoffman and William F. Miller, Getting a personal dossier from a statistical data bank, reprinted in Security and Privacy in Computer Systems, Melville Pub. Co., Los Angeles, 1973, 289-293.Google Scholar
- 8.Anita K. Jones, Protection in programmed systems, Ph.D. Dissertation, Department of Computer Science, Carnegie-Mellon University, June 1973. Google ScholarDigital Library
- 9.Butler W. Lampson, A note on the confinement problem, Communications of the ACM, vol. 16, no. 10, October 1973, 613-615. Google ScholarDigital Library
- 10.H. E. Petersen and R. Turn, System implications on information privacy, Proceedings of SJCC, vol. 30, 1967, 291-300.Google Scholar
- 11.Gerald J. Popek and Charles S. Kline, A verifiable protection system, Proceedings of the International Conference on Reliable Software, printed in ACM-SIGPLAN Notices, vol. 10, no. 6, June 1975, 294-304. Google ScholarDigital Library
- 12.George B. Purdy, A high security log-in procedure, Communications of the ACM, vol. 17, no.8, August 1974, 442-445. Google ScholarDigital Library
Index Terms
- Full protection specifications in the semantic model for database protection languages
Recommendations
A semantic model for data base protection languages
VLDB '76: Proceedings of the second international conference on Systems for Large Data BasesThe authorization process in a protection system is the process which translates and stores specifications of all protection requirements. In giving recognition to the authorization process, this work develops a model of access control to provide a ...
A study of protection in programming languages
Proceedings of an ACM conference on Language design for reliable softwareThe concept of “protection” in programming languages refers to the ability to express directly in the language the desired access control relationships for all objects defined in the language. The use of such mechanisms as data types, scope, parameter ...
The Extended Schematic Protection Model
Access control models provide a formalism and framework for specifying control over access to information and other resources in multi-user computer systems. Useful access control models must balance expressive power with the decidability and complexity ...
Comments