A Content-Dependent Authorization Model and Efficient Access Control for Object-Oriented Databases

坂口 和明 (9551042)

Access control is a key technology for providing data security in database management systems. Recently, various authorization models for object-oriented databases (OODBs) have been proposed. However, few of them support content-dependent access control. In this thesis, we propose a content-dependent authorization model applicable to OODB schemas proposed up to now, and define a description language that specifies inference rules for authorizations. Moreover, we present an efficient algorithm for deciding whether a given access request is permitted with respect to given authorizations and inference rules.