Extending SQL's Grant and Revoke Operations, to Limit and Reactivate Privileges

13 years 6 months ago

Download www.cs.bc.edu

We propose two extensions to the SQL grant/revoke security model. In SQL, grants are unconditional, so the grantor must simply trust the recipient's discretion. We allow a grantor to impose limitations on how the received privilege may be used. Second, we provide a new means of selectively reactivating permissions that have been revoked. Although our examples are from DBMSs, the results (other than the treatment of views) apply to arbitrary sets of privileges, and to systems without a query language.

Arnon Rosenthal, Edward Sciore

Real-time Traffic

DBSEC 2000 | DBSEC 2007 | Query Language | Recipient's Discretion | SQL Grant/revoke Security |

claim paper

Post Info
More Details (n/a)

Added	01 Nov 2010
Updated	01 Nov 2010
Type	Conference
Year	2000
Where	DBSEC
Authors	Arnon Rosenthal, Edward Sciore

Comments (0)

Sciweavers

Extending SQL's Grant and Revoke Operations, to Limit and Reactivate Privileges

DBSEC 2000 | DBSEC 2007 | Query Language | Recipient's Discretion | SQL Grant/revoke Security |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers