Verification of Database Transaction Lock Management in the Presence of Role Based Access Control Policy
Author
Arjmand Samuel, Arif Ghafoor
Tech report number
CERIAS TR 2006-42
Entry type
techreport
Abstract
In a computing environment where access to system resources is controlled by an access control policy and execution of database transactions is dictated by a database locking policy, interaction between the two policies can result in constraints restricting execution of transactions. We present a methodology for the verification of database transaction requirements in a Role Based Access Control (RBAC) environment. Specifically, we propose a step-by-step approach for the extraction of implicit requirements of a database transaction, and present a mechanism whereby these requirements can be verified against an RBAC policy representation. Based on the requirements of a database transaction, we define feasible states of the access control policy which allow the transaction to be executed. We also illustrate the interaction of multiple database transactions executing in a single security environment. Finally, we define conditions in an access control policy that allow the execution of a database transaction without relying on the underlying database locking policy for serializability and deadlock avoidance.
Institution
Purdue University
Key alpha
Security
Affiliation
ECE
Publication Date
2001-01-01

