A relational database integrity framework for access control policies

Thion, Romuald; Coulondre, Stéphane

doi:10.1007/s10844-010-0146-z

Cited by 6 publications

(5 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As regards the verification of concrete policies, several research studies fit into this topic with a main goal of verifying the correctness of the implementation regarding the set of predefined constraints. The basic contributions deal with (i) checking the validity of the implemented policy in comparison to its security constraints [40] by using a finite model checker; (ii) detecting anomalies of redundancy and inconsistency in the expression of the policy [41] by utilizing the concept of graph of roles; and (iii) proposing [42] a logical framework used to set and check policy constraints in the case of relational databases. To detect possible intrusions that may threaten an access control system, the author in [43] proposed to model the policy as a graph of roles and to use algorithms of graph theory or LDAP directory schema, to detect illicit transfer of privileges.…”

Section: Verification and Validation Of Access Control Policiesmentioning

confidence: 99%

A Methodology and Toolkit for Deploying Reliable Security Policies in Critical Infrastructures

Jaidi

Ayachi

Bouhoula

2018

Security and Communication Networks

View full text Add to dashboard Cite

Substantial advances in Information and Communication Technologies (ICT) bring out novel concepts, solutions, trends, and challenges to integrate intelligent and autonomous systems in critical infrastructures. A new generation of ICT environments (such as smart cities, Internet of Things,edge-fog-social-cloudcomputing, and big data analytics) is emerging; it has different applications to critical domains (such as transportation, communication, finance, commerce, and healthcare) and different interconnections via multiple layers of public and private networks, forming a grid of critical cyberphysical infrastructures. Protecting sensitive and private data and services in critical infrastructures is, at the same time, a main objective and a great challenge for deploying secure systems. It essentially requires setting up trusted security policies. Unfortunately, security solutions should remain compliant and regularly updated to follow and track the evolution of security threats. To address this issue, we propose an advanced methodology for deploying and monitoring the compliance of trusted access control policies. Our proposal extends the traditional life cycle of access control policies with pertinent activities. It integrates formal and semiformal techniques allowing the specification, the verification, the implementation, the reverse-engineering, the validation, the risk assessment, and the optimization of access control policies. To automate and facilitate the practice of our methodology, we introduce our systemSVIRVROthat allows managing the extended life cycle of access control policies. We refer to an illustrative example to highlight the relevance of our contributions.

show abstract

Section: Verification and Validation Of Access Control Policiesmentioning

confidence: 99%

A Methodology and Toolkit for Deploying Reliable Security Policies in Critical Infrastructures

Jaidi

Ayachi

Bouhoula

2018

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Authors in [11] chose to transform the specification to the B notation using the B4Msecure tool and to analyze it with the ProB tool. Authors in [14] defined a logical framework to enforce the integrity of access control policies in relational databases. This framework focuses primarily on how to enforce and check constraints.…”

Section: Related Workmentioning

confidence: 99%

“…We define renamed users in (14) as the set of couple of users (U i , U j ); where U i is a missed user, U j is a hidden user and both users share the same permissions and roles:…”

Section: Validation Propertiesmentioning

confidence: 99%

A Formal Approach Based on Verification and Validation Techniques for Enhancing the Integrity of Concrete Role Based Access Control Policies

Jaidi¹,

Ayachi²

2015

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Our research works are in the context of verifying the integrity of access control policies in relational database management systems. This paper addresses the following question: In terms of security and particularly access control, does an information system actually do what was planned for it to do? Thus, an important aspect is to help security architects verifying the correspondence between the security planning and its real implementation. We present a synthesis of the problem of access control policy integrity within relational databases. Then, we introduce our proposal for addressing this issue. We especially focus on the verification and validation of the conformity of concrete role based access control policies in a formal environment. Finally, we illustrate the relevance of our contribution through a case of study.

show abstract

“…Simultaneous use of different roles can lead to violations of data security. An important limitation of this risk is transferring the rules of secure data access to the database server level [22].…”

Section: Introductionmentioning

confidence: 99%

Improving Data Access Security by Server-Side Functional Extensions

Miłosz¹,

Draganek²

2016

Adv. Sci. Technol. Res. J.

View full text Add to dashboard Cite

All Database Management Systems used in the industry provide secure access to data at the server level. The level of security is influenced by technology, security model, password encryption method, password strength and others. The human factor -unreasonable behaviour of users -also has a significant impact on safety. Developers of database applications often implement their security policy by limiting the risk caused by users. This implementation has a disadvantage -it does not work outside of the application. A large number and variety of applications that work with the database server may then create a security gap. The paper presents the authors' extensions of the functional features implemented in the Oracle database server, increasing the security of data access. The implemented methods of controlling the time of user access to data and limiting the use of serial and modular passwords are also discussed.

show abstract

A relational database integrity framework for access control policies

Cited by 6 publications

References 33 publications

A Methodology and Toolkit for Deploying Reliable Security Policies in Critical Infrastructures

A Methodology and Toolkit for Deploying Reliable Security Policies in Critical Infrastructures

A Formal Approach Based on Verification and Validation Techniques for Enhancing the Integrity of Concrete Role Based Access Control Policies

Improving Data Access Security by Server-Side Functional Extensions

Contact Info

Product

Resources

About