Building a secure database using self-protecting objects

M. S. Olivier; S. H. von Solms

doi:10.1016/0167-4048(92)90206-7

Building a secure database using self-protecting objects

M. S. Olivier, S. H. von Solms

Academy of Computer Science and Software Engineering

University of Johannesburg

Research output: Contribution to journal › Article › peer-review

7 Citations (Scopus)

Abstract

In current database systems the responsibility for enforcing security is often given to the various application programs. Even where the database management system does supply security mechanisms, a single application program often handles sensitive transactions for some users and therefore needs a high clearance for accessing data-this may render the provided mechanisms inadequate. Furthermore, the user's identity is often concealed because the user has many "software agents" acting on its behalf-especially in distributed environments. A simple mapping between subjects and objects is no longer possible. We propose a model for extending object-oriented database systems to enable objects themselves to ensure security-that is, to protect themselves. This extension is based on the concept of "baggage"-baggage is collected from all components involved in any request; this baggage may then be verified by the object against its personal security profile before any method is executed.

Original language	English
Pages (from-to)	259-271
Number of pages	13
Journal	Computers and Security
Volume	11
Issue number	3
DOIs	https://doi.org/10.1016/0167-4048(92)90206-7
Publication status	Published - May 1992

Keywords

DBMS
Multilevel secure database
Object-oriented
Path context model (PCM)
Security

ASJC Scopus subject areas

General Computer Science
Law

Access to Document

10.1016/0167-4048(92)90206-7

Cite this

@article{c9d531dbd39c41a4b7d57aef00e981b9,

title = "Building a secure database using self-protecting objects",

abstract = "In current database systems the responsibility for enforcing security is often given to the various application programs. Even where the database management system does supply security mechanisms, a single application program often handles sensitive transactions for some users and therefore needs a high clearance for accessing data-this may render the provided mechanisms inadequate. Furthermore, the user's identity is often concealed because the user has many {"}software agents{"} acting on its behalf-especially in distributed environments. A simple mapping between subjects and objects is no longer possible. We propose a model for extending object-oriented database systems to enable objects themselves to ensure security-that is, to protect themselves. This extension is based on the concept of {"}baggage{"}-baggage is collected from all components involved in any request; this baggage may then be verified by the object against its personal security profile before any method is executed.",

keywords = "DBMS, Multilevel secure database, Object-oriented, Path context model (PCM), Security",

author = "Olivier, \{M. S.\} and \{von Solms\}, \{S. H.\}",

year = "1992",

month = may,

doi = "10.1016/0167-4048(92)90206-7",

language = "English",

volume = "11",

pages = "259--271",

journal = "Computers and Security",

issn = "0167-4048",

publisher = "Elsevier Ltd.",

number = "3",

}

TY - JOUR

T1 - Building a secure database using self-protecting objects

AU - Olivier, M. S.

AU - von Solms, S. H.

PY - 1992/5

Y1 - 1992/5

N2 - In current database systems the responsibility for enforcing security is often given to the various application programs. Even where the database management system does supply security mechanisms, a single application program often handles sensitive transactions for some users and therefore needs a high clearance for accessing data-this may render the provided mechanisms inadequate. Furthermore, the user's identity is often concealed because the user has many "software agents" acting on its behalf-especially in distributed environments. A simple mapping between subjects and objects is no longer possible. We propose a model for extending object-oriented database systems to enable objects themselves to ensure security-that is, to protect themselves. This extension is based on the concept of "baggage"-baggage is collected from all components involved in any request; this baggage may then be verified by the object against its personal security profile before any method is executed.

AB - In current database systems the responsibility for enforcing security is often given to the various application programs. Even where the database management system does supply security mechanisms, a single application program often handles sensitive transactions for some users and therefore needs a high clearance for accessing data-this may render the provided mechanisms inadequate. Furthermore, the user's identity is often concealed because the user has many "software agents" acting on its behalf-especially in distributed environments. A simple mapping between subjects and objects is no longer possible. We propose a model for extending object-oriented database systems to enable objects themselves to ensure security-that is, to protect themselves. This extension is based on the concept of "baggage"-baggage is collected from all components involved in any request; this baggage may then be verified by the object against its personal security profile before any method is executed.

KW - DBMS

KW - Multilevel secure database

KW - Object-oriented

KW - Path context model (PCM)

KW - Security

UR - https://www.scopus.com/pages/publications/0026869918

U2 - 10.1016/0167-4048(92)90206-7

DO - 10.1016/0167-4048(92)90206-7

M3 - Article

AN - SCOPUS:0026869918

SN - 0167-4048

VL - 11

SP - 259

EP - 271

JO - Computers and Security

JF - Computers and Security

IS - 3

ER -

Building a secure database using self-protecting objects

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this