This paper is to investigate the impplementation of security
mechanism in object oriented database system. Formal methods
plays an essential role in computer security due to its powerful expressiveness
and concise syntax and semantics. In this paper, both issues
of specification and implementation in database security environment
will be considered; and the database security is achieved through
the development of an efficient implementation of the specification
without compromising its originality and expressiveness.
[1] E. Bertino, F. Buccafurri, E. Ferrari and P. Rullo, "A Logic-based
Approach for Enforcing Access Control". Computer Security, vol.8, No.2-
2, pp109-140, 2000.
[2] E. Bertino, B. Catania, E. Ferrari and P. Perlasca, "A Logical Framework
for Reasoning about Access Control Models". ACM Transactions on
Information and System Security, Vol.6, No.1, pp71-127, 2003.
[3] C. Bettini, S. Jajodia, X. S. Wang and D. Wijesekera, "Provisions and
Obligations in Policy Management and Security Applications". Proceedings
of the Very Large Database Conference, pp502-513, 2002.
[4] S. Jajodia, P. Samarati, M.L. Sapino and V.S. Subrahmanian, "Flexible
Support for Multiple Access Control Policies". ACM Transactions on
Database Systems, Vol.29, No.2, pp214-260, 2001.
[5] N. Li, B. Grosof and J. Feigenbaum, "Delegation Logic: A Logicbased
Approach to Distributed Authorization". ACM Transactions on
Information and System Security, Vol.6, No.1, pp128-171, 2003.
[6] L. Wang, D. Wijesekera and S. Jajodia, "A logic-based framework for
attribute based access control," Proceedings of the ACM Workshop on
Formal Methods in Security Engineering, pp45-55, 2004.
[7] T.Y.C. Woo and S.S. Lam, "Authorization in Distributed systems: A
Formal Approach". Proceedings of IEEE Symposium on Research in
Security and Privacy, pp33-50, 1992.
[1] E. Bertino, F. Buccafurri, E. Ferrari and P. Rullo, "A Logic-based
Approach for Enforcing Access Control". Computer Security, vol.8, No.2-
2, pp109-140, 2000.
[2] E. Bertino, B. Catania, E. Ferrari and P. Perlasca, "A Logical Framework
for Reasoning about Access Control Models". ACM Transactions on
Information and System Security, Vol.6, No.1, pp71-127, 2003.
[3] C. Bettini, S. Jajodia, X. S. Wang and D. Wijesekera, "Provisions and
Obligations in Policy Management and Security Applications". Proceedings
of the Very Large Database Conference, pp502-513, 2002.
[4] S. Jajodia, P. Samarati, M.L. Sapino and V.S. Subrahmanian, "Flexible
Support for Multiple Access Control Policies". ACM Transactions on
Database Systems, Vol.29, No.2, pp214-260, 2001.
[5] N. Li, B. Grosof and J. Feigenbaum, "Delegation Logic: A Logicbased
Approach to Distributed Authorization". ACM Transactions on
Information and System Security, Vol.6, No.1, pp128-171, 2003.
[6] L. Wang, D. Wijesekera and S. Jajodia, "A logic-based framework for
attribute based access control," Proceedings of the ACM Workshop on
Formal Methods in Security Engineering, pp45-55, 2004.
[7] T.Y.C. Woo and S.S. Lam, "Authorization in Distributed systems: A
Formal Approach". Proceedings of IEEE Symposium on Research in
Security and Privacy, pp33-50, 1992.
@article{"International Journal of Engineering, Mathematical and Physical Sciences:56160", author = "Yun Bai", title = "A Formal Implementation of Database Security", abstract = "This paper is to investigate the impplementation of security
mechanism in object oriented database system. Formal methods
plays an essential role in computer security due to its powerful expressiveness
and concise syntax and semantics. In this paper, both issues
of specification and implementation in database security environment
will be considered; and the database security is achieved through
the development of an efficient implementation of the specification
without compromising its originality and expressiveness.", keywords = "database security, authorization policy, logic basedspecification", volume = "2", number = "1", pages = "17-3", }