An Access Control Mechanism for Object-Oriented Database Systems

Tadashi ARAKI  Tetsuya CHIKARAISHI  Thomas HARDJONO  Tadashi OHTA  Nobuyoshi TERASHIMA  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E76-A   No.1   pp.112-121
Publication Date: 1993/01/25
Online ISSN: 
Print ISSN: 0916-8508
Type of Manuscript: Special Section PAPER (Special Section on Cryptography and Information Security)
information security,  object-oriented database system,  multilevel access control,  security policy,  trusted computing base,  

Full Text: PDF(874.5KB)>>
Buy this Article

The security problems of object-oriented database system are investigated and security level assignment constraints and an access control mechanism based on the multilevel access control security policy are proposed. The proposed mechanism uses the Trusted Computing Base. A unique feature of the mechanism is that security levels are assigned not only to data items (objects), but also to methods and methods are not shown to the users whose security level is lower than that of the methods. And we distinguish between the security level of a variable in a class and that in an instance and distinguish between the level of an object when it is taken by itself and it is taken as a variable or an element of another complex object. All of this realizes the policy of multilevel access control.