Discretionary Security for Object-Oriented Database Systems
Final rept. Mar 89-Aug 90,
CALSPAN UB RESEARCH CENTER BUFFALO NY
Pagination or Media Count:
The discretionary access controls in todays computer systems are designed to enforce a specific access control policy. An application whose access control policies do not easily match the policy that is wired into the system is forced to work around that wired-in policy. As a result, the application itself must enforce discretionary security and cannot make use of the assurances of the computer systems discretionary access controls. This report presents a flexible approach to discretionary access control that allows the implementation of arbitrary access control policies. The generality of the approach allows a user to implement a discretionary access control policy that is tailored to an application, rather than having to work around a specific policy that is wired into the computer system. The report focuses on discretionary controls for object-oriented systems. Object-oriented systems are an emerging technology of great import for applications in business, industry, and the military. Many of these applications must share information among users with different needs and authorizations. The specific access rules desired will vary from application to application. Thus, a flexible approach to discretionary access control for such systems is proposed.
- Computer Systems
- Computer Systems Management and Standards