An access control facility for relational data base systems

摘要

A set of language facilities for the specification of security requirements in a relational data base is presented. An attempt is made to have a data base language unified from the points of view of data storage/retrieval, computation and protection. It is argued that the unit of protection as defined in the conventional data base systems is not sufficient from the point of view of security and therefore the underlying protection model takes a simple domain as the unit of protection. Further, the definition of data submodel is modified to define the cababilities of the users over the view of the data base provided to them. The line of attack adopted here is then contrasted with that of some of the existing data base systems.