A FLEXIBLE FRAMEWORK FOR APPLYING DATA ACCESS AUTHORIZATION BUSINESS RULES

Leonardo Guerreiro Azevedo, Sergio Puntar, Raphael Thiago, Fernanda Baião, Claudia Cappelli

2010

Abstract

This work proposes a flexible framework for managing and implementing data access authorization business rules on top of relational DBMSs, in an independent way for the applications accessing a database. The framework adopts the RBAC policy definition approach, and was implemented on Oracle DBMS. Therefore, data access security is managed by the data server layer in a centralized manner, rather than in each application that accesses data, and is enforced by the database server. Experimental tests were executed using the TPCH Benchmark workload, and the results indicate the effectiveness of our proposal.

Paper Citation

in Harvard Style

Guerreiro Azevedo L., Puntar S., Thiago R., Baião F. and Cappelli C. (2010). A FLEXIBLE FRAMEWORK FOR APPLYING DATA ACCESS AUTHORIZATION BUSINESS RULES . In Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 1: ICEIS, ISBN 978-989-8425-04-1, pages 275-280. DOI: 10.5220/0002909602750280

in Bibtex Style

@conference{iceis10,
author={Leonardo Guerreiro Azevedo and Sergio Puntar and Raphael Thiago and Fernanda Baião and Claudia Cappelli},
title={A FLEXIBLE FRAMEWORK FOR APPLYING DATA ACCESS AUTHORIZATION BUSINESS RULES},
booktitle={Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 1: ICEIS,},
year={2010},
pages={275-280},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002909602750280},
isbn={978-989-8425-04-1},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 12th International Conference on Enterprise Information Systems - Volume 1: ICEIS,
TI - A FLEXIBLE FRAMEWORK FOR APPLYING DATA ACCESS AUTHORIZATION BUSINESS RULES
SN - 978-989-8425-04-1
AU - Guerreiro Azevedo L.
AU - Puntar S.
AU - Thiago R.
AU - Baião F.
AU - Cappelli C.
PY - 2010
SP - 275
EP - 280
DO - 10.5220/0002909602750280