Abstract
This paper presents a formal model of authorization for use as the basis for an authorization mechanism in ORION, a prototype database system which directly supports the object-oriented paradigm and a number of semantic data modeling concepts. The model extends in two significant ways the existing models of authorization, which have been designed for database systems supporting the relational, network, or hierarchical models of data. First, it fully develops the concept of implicit authorization, introduced in an earlier paper [FERN75b], to help solve the storage requirement of representing all authorizations in a system by allowing the system to deduce authorizations from explicitly stored authorizations, and to provide a basis for detecting authorization definitions which conflict with existing authorizations. Second, it provides a formal basis for accommodating a number of modeling concepts which the existing models of authorization cannot address: the IS-PART-OF relationship between an object and its containing object, and versions of an object.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Banerjee, J., H. T. Chou, J. Garza, W. Kim, D. Woelk, N. Ballou, and H. J. Kim. “Data Model Issues for Object-Oriented Applications,” ACM Trans. on Office Information Systems, April 1987.
Bobrow, D.G., and M. Stefik. The LOOPS Manual, Xerox PARC, Palo Alto, CA., 1983.
Bobrow, D.G. et al. CommonLoops: Merging Common Lisp and Object-Oriented Programming, Intelligent Systems Laboratory Series ISL-85-8, Xerox PARC, Palo Alto, CA., 1985.
Chou, H.T. and W. Kim, “A Framework for Versions in a CAD Environment,” Proc. 12th Int. Conf. on Very Large Data Bases, August 1986, Kyoto, Japan.
Date, C. J. “A Guide to DB2,” Addison-Wesley (1985).
Fernandez, E. B., R. C. Summers, C. D. Coleman, “An Authorization Model for a Shared Database,” Proc. 1975 ACM-SIGMOD Int. Conference, ACM, New York (1975).
Fernandez, E. B., R. C. Summers, T. Lang. “Definition and Evaluation of Access Rules in Data Management Systems,” Proc. 1st Int. Conf. on Very Large Data Bases, Boston (1975).
Fernandez, E. B., R. C. Summers, C. Wood, “Database Security and Integrity,” Addison-Wesley (1981).
Goldberg, A. “Introducing the Smalltalk-80 System,” Byte, vol. 6, no. 8, August 1981, pp. 14–26.
Goldberg, A. and D. Robson. Smalltalk-80: The Language and its Implementation, Addison-Wesley, Reading, MA 1983.
Graham, G.S. and P.J. Denning, “Protection: Principles and Practice,” AFIPS Conf. Proc. 40, 1972 SJCC, pages 417–429, AFIPS Press, Montvale, N.J., 1972.
Griffiths, P.P. and B.W. Wade, “An Authorization Mechanism for a Relational Database System,” ACM Transactions on Database Systems, Volume 1, Number 3, September 1976), pages 242–255.
Kim, W., et al. “Composite Object Support in an Object-Oriented Database System,” in Proc. Object-Oriented Programming Systems, Languages, and Applications, October 1987, Orlando, Florida.
Lampson, B.W. “Protection,” Proc. of the 5th Annual Princeton Conf. on Information Sciences and Systems, (1971).
Stefik, M., and D.G. Bobrow, “Object-Oriented Programming: Themes and Variations,” The Al Magazine, January 1986, pp. 40–62.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1988 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rabitti, F., Woelk, D., Kim, W. (1988). A model of authorization for object-oriented and semantic databases. In: Schmidt, J.W., Ceri, S., Missikoff, M. (eds) Advances in Database Technology—EDBT '88. EDBT 1988. Lecture Notes in Computer Science, vol 303. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-19074-0_56
Download citation
DOI: https://doi.org/10.1007/3-540-19074-0_56
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-19074-5
Online ISBN: 978-3-540-39095-4
eBook Packages: Springer Book Archive