A Formal Approach to Detecting Security Flaws in Object-Oriented Databases

Toshiyuki MORITA  Yasunori ISHIHARA  Hiroyuki SEKI  Minoru ITO  

IEICE TRANSACTIONS on Information and Systems   Vol.E82-D   No.1   pp.89-98
Publication Date: 1999/01/25
Online ISSN: 
Print ISSN: 0916-8532
Type of Manuscript: Special Section PAPER (Special Issue on New Generation Database Technologies)
Category: Theoretical Aspects
object-oriented database,  authorization,  security flaw,  term rewriting system,  

Full Text: PDF(348.1KB)>>
Buy this Article

Detecting security flaws is important in order to keep the database secure. A security flaw in object-oriented databases means that a user can infer the result of an unpermitted method only from permitted methods. Although a database management system enforces access control by an authorization, security flaws can occur under the authorization. The main aim of this paper is to show an efficient decision algorithm for detecting a security flaw under a given authorization. This problem is solvable in polynomial time in practical cases by reducing it to the congruence closure problem. This paper also mentions the problem of finding a maximal subset of a given authorization under which no security flaw exists.