A medical database case study for reflective database access control

Lars E. Olson, Carl A. Gunter, Sarah Peterson Olson

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Reflective Database Access Control (RDBAC) is a model in which a database privilege is expressed as a database query itself, rather than as a static privilege in an access control matrix. RDBAC aids the management of database access controls by improving the expressiveness of policies, enabling enforcement at the database level rather than at the application level. This in turn facilitates the creation of new applications without the need for duplicating security enforcement in each application. Past work has proposed the use of the Transaction Datalog (TD) language as a theoretical basis for RDBAC. We present a case study for a medical database using TD. This case study includes a wide range of access patterns for which RDBAC provides a simple method for formulating policies, demonstrating the flexibility of RDBAC as well as the practicality and scalability of using such a system in real-world applications that require non-trivial policy definitions on large data sets.

Original language: English (US)
Title of host publication: Proceedings of the 1st ACM Workshop on Security and Privacy in Medical and Home-Care Systems, SPIMACS '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
Pages: 41-51
Number of pages: 11
State: Published - 2009
Event: 1st ACM Workshop on Security and Privacy in Medical and Home-Care Systems, SPIMACS '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09 - Chicago, IL, United States
Duration: Nov 9 2009 to Nov 13 2009

Publication series

Name: Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print): 1543-7221

Other

Other: 1st ACM Workshop on Security and Privacy in Medical and Home-Care Systems, SPIMACS '09, Co-located with the 16th ACM Computer and Communications Security Conference, CCS'09
Country/Territory: United States
City: Chicago, IL
Period: 11/9/09 to 11/13/09

Keywords

  • Case study
  • Medical database
  • Reflective database access control

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications
