Abstract

Access control in function granularity is one of the features of many object-oriented databases. In those systems, the users are granted rights to invoke composed functions instead of rights to invoke primitive operations. Although primitive operations are invoked inside composed functions, the users can invoke them only through the granted functions. This achieves access control in abstract operation level. Access control utilizing encapsulated functions, however, easily causes many "security flaws" through which malicious users can bypass the encapsulation and can abuse the primitive operations inside the functions. In this paper, we develop a technique to statically detect such security flaws. First, we design a framework to describe security requirements that should be satisfied. Then, we develop an algorithm that syntactically analyzes program code of the functions and determines whether given security requirements are satisfied or not. This algorithm is sound, that is, whenever there is a security flaw, it detects it.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Static detection of security flaws in object-oriented databases
Keishi Tajima
-
Keishi TajimaKeishi Tajima
01 Jan 1996
Access control in IoT: From requirements to a candidate vision
Dina Hussein ... Vincent Frey
-
Dina Hussein, et. al.Dina Hussein ... Vincent Frey
01 Mar 2017
Access control protocols with two-layer architecture for wireless networks
Zhiguo Wan ... Robert H Deng
Computer Networks | VOL. 51
Zhiguo Wan, et. al.Zhiguo Wan ... Robert H Deng
30 Jun 2006
A design method for data integrity in object-oriented database systems
Y Oki ... T Chikaraishi
-
Y Oki, et. al.Y Oki ... T Chikaraishi
03 Jul 1995
View more papers

More From: ACM SIGMOD Record

Paper Title
Journal
Date
Author
The Long and Winding Road to Mid-Career Academia
Angela Bonifati
ACM SIGMOD Record | VOL. 53
Angela BonifatiAngela Bonifati
30 Jul 2024
Fine-Grained Hardware Profiling - Are You Using the Right Tools?
Aarati Kakaraparthy ... Jignesh M Patel
ACM SIGMOD Record | VOL. 53
Aarati Kakaraparthy, et. al.Aarati Kakaraparthy ... Jignesh M Patel
30 Jul 2024
Diversity, Equity and Inclusion Activities in Database Conferences: A 2023 Report
Sihem Amer-Yahia ... Madhulika Mohanty
ACM SIGMOD Record | VOL. 53
Sihem Amer-Yahia, et. al.Sihem Amer-Yahia ... Madhulika Mohanty
30 Jul 2024
Report on the Fifth International Workshop on Health Data Management in the Era of AI (HeDAI 2023)
Haridimos Kondylakis ... Praveen Rao
ACM SIGMOD Record | VOL. 53
Haridimos Kondylakis, et. al.Haridimos Kondylakis ... Praveen Rao
30 Jul 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.