Skip to main content
Journal Article

Abstracting and refining authorization in SQL

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2004) 3178 148-162
DOI: 10.1007/978-3-540-30073-1_11
3Citations
Citations of this article
2Readers
Mendeley users who have this article in their library.
Get full text

Abstract

The SQL standard specifies authorization via a large set of rather opaque rules, which are difficult to understand and dangerous to change. To make the model easier to work with, we formalize the implicit principles behind SQL authorization. We then discuss two extensions, for explicit metadata privileges and general privilege inference on derived objects. Although these are quite simple and easily implemented, we show how together, they help solve several administrative problems with existing SQL security. This sort of abstraction is also an important step towards having DBMSs that simultaneously support security policies over SQL, XML, RDF, and other forms of data. © Springer-Verlag 2004.

Author supplied keywords

Cite

CITATION STYLE

APA

Rosenthal, A., & Sciore, E. (2004). Abstracting and refining authorization in SQL. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3178, 148–162. https://doi.org/10.1007/978-3-540-30073-1_11

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free