The SQL standard specifies authorization via a large set of rather opaque rules, which are difficult to understand and dangerous to change. To make the model easier to work with, we formalize the implicit principles behind SQL authorization. We then discuss two extensions, for explicit metadata privileges and general privilege inference on derived objects. Although these are quite simple and easily implemented, we show how together, they help solve several administrative problems with existing SQL security. This sort of abstraction is also an important step towards having DBMSs that simultaneously support security policies over SQL, XML, RDF, and other forms of data. © Springer-Verlag 2004.
CITATION STYLE
Rosenthal, A., & Sciore, E. (2004). Abstracting and refining authorization in SQL. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 3178, 148–162. https://doi.org/10.1007/978-3-540-30073-1_11
Mendeley helps you to discover research relevant for your work.