RBAC+: Protecting Web Databases With Access Control Mechanism
Journal Title: INTERNATIONAL JOURNAL OF MANAGEMENT & INFORMATION TECHNOLOGY - Year 2012, Vol 2, Issue 1
Abstract
With the wide adoption of Internet, security of web database is a key issue. In web-based applications, due to the use of n-tier architecture, the database server has no knowledge of the web application user and hence all authorization decisions are based upon execution of specific web application. Application server has full access privileges to delegate to the end user based upon the user requirement. The identity of the end user is hidden , subsequently database server fails to assign proper authorizations to the end user. Hence, current approaches to access control on databases do not fit for web databases because they are mostly based on individual user identities. To fill this security gap, the definition of application aware access control system is needed. In this paper, RBAC+ Model, an extension of NIST RBAC provides a application aware access control system to prevent attacks with the notion of application, application profile and sub-application session.
Authors and Affiliations
Archna Arudkar, Vimla Jethani
Keywords
Related Articles
- EP ID EP654164
- DOI 10.24297/ijmit.v2i1.1407
- Views 152
- Downloads 0
A Quality Outcome Assessment of Learning Discrete Mathematics Course The Case of University Students
Teaching a mathematics foundation course such as Discrete Mathematics for an information technology curriculum is always a challenge. The challenge may be identifying students mathematical backgrounds early and the...
An Exclusive Study of NGOs Leaders Working Style
NGO leaders often face extraordinary challenges both at a personal and organisational level. They work for long hours with limited resources in uncertain and volatile political and economic environment to help the...
Innovative Service-Oriented Information System for supporting Mobility in Ubiquitous Spaces: A Role Driven Approach
Conventional architectures based on a central servers are not suitable and cannot scale well in a distributed and high dynamic computing enviroment. Futuristic ubiquitous landscape requires the development of robust, rel...
Trust Models in Cloud Computing - A Perspective
Cloud computing is a new paradigm in which dynamically scalable virtualized computing resources, services and information are provided as a service among the people and organizations across the globe over the Internet. T...
SOCIAL NETWORKING SITES AND CONSUMER ENGAGEMENT
The growth of the social networking phenomenon across the Internet led by social networking sites like Facebook, Twitter and LinkedIn etc. has altered the playing field for business and consumer marketers of all so...