Significance of Access Control in Database security – annotated bibliography

Significance of Access Control in Database security – annotated bibliography

Kuijper, W., & Ermolaev, V. (2014, June). Sorting out role-based access control. In Proceedings of the 19th ACM symposium on Access control models and technologies (pp. 63-74).

Access control modeling framework based on user roles is a popular choice. The researchers have worked to determine a portion of popular framework and base their work upon the fact that the classic role-based access control would come up when aspects of subject management and permission management are blended into a unitary indirection object. In the study, the researchers have recognized the different perspectives of administration and have presented two principal objects of indirection – the demarcation (exclusive applicability on permission) and the proper role (exclusive applicability on the subject). These two objects were then linked to determine a third perspective – access management, and administrative perspective that can enable the organizations to enhance their scalability. The main principle would be to decouple the responsibility of abstraction maintenance over the subject (subject assignment as per proper roles), permission set abstraction maintenance (permission assignment into demarcations), and access control policy abstract maintenance (role access grant to demarcations). The identifications are aligned with one of the primary identifications of the study – bi-sorted RBAC, an RABC fragment. The conceptual refinements of the study introduce negative roles, and thus, negative demarcations as a corollary. The Galois connections existing between the subject and permission sets and the positive and negative roles make the four-sorted extension relevant in a semantic way.

Karataş, G., & Akbulut, A. (2018). Survey on Access Control Mechanisms in Cloud Computing. Journal of Cyber Security and Mobility, 7(3), 1-36.

Cloud computing is, no doubt, one of the latest innovations of Information Technology in the present times. It has turned out to be a promising subject based on which various services and internet-based applications are being developed by numerous organizations across the world. The present paper is based upon 109 articles carefully chosen from previous sources of research literature conducted on the topic over the past ten years, which were again used to compare the findings of this research. The end-users tend to enjoy the remarkable benefits. On the date, it is possible to scale the distributed services provided by cloud computing over the web. The use of some background mechanism can make this scaling happen almost instantly. The security risks are often increased due to a lack of control of the end-users over the resources of control access. Further, it can also result in system failure. The researchers in this paper have worked to identify the seven different mechanisms of access control that are commonly being used for a variety of purposes in cloud computing. In addition, the study also discusses the pros and cons of the different models of access control that were developed from earlier service-based frameworks. The NSIT metrics were considered as the standard reference for the various assessments made during the study.

Takabi, H., Joshi, J. B., & Ahn, G. J. (2010). Security and privacy challenges in cloud computing environments. IEEE Security & Privacy, 8(6), 24-31.

Various researchers, scholars, and industry experts have mentioned cloud computing to be one of the most evolving paradigms that will soon take over the task of offering solutions to most of the network problems. The tremendous momentum at which it was evolving at the time of the study presented various security threats and privacy challenges for the users. The challenges have been identified to be the exacerbations of the unique aspects that cloud computing comes with. In the study, the researchers have explored an extensive collection of peer-reviewed articles and research works to understand the hurdles that exist towards increasing the trustworthiness of the environment of cloud computing. The authors then explore the various possible solutions that could be used to overcome the roadblocks for the successful adoption of cloud computing. The standards set by the National Institute of Standards and Technology in the US have been used to understand the various terms and factors related to the security issues of the end-user and their sensitive data present within the cloud computing environment. The ways to enhance the privacy of user data has also been discussed by the researchers. The study has presented valuable directions for future studies to be conducted on the topic.

Fernandez, E. B., Mujica, S., & Valenzuela, F. (2011, October). Two security patterns: least privilege and security logger and auditor. In Proceedings of the 2nd Asian Conference on Pattern Languages of Programs (pp. 1-6).

The researchers in this paper have worked to identify and describe the two primary patterns of security of access control. Based on these two patterns, the fundamental aspects of database security have been described in the study. Those include the least privilege and security logger/auditor. Various essential and pertinent questions have been considered in respect of the two aspects mentioned above, the answers to which have presented significant answers to the security issues under consideration. The primary question in regards to the aspect of least privilege was how to cut down the misuse of data or resources by the users who work for the institution. The best solution to this question can be the provision of only the rights that are necessary to perform the specific functions assigned to the users for the process executions and nothing more than that. The prime question in the aspect of logging or auditing the security was to ways to maintain a track of the actions of the users. It would be helpful in the determination of whose actions lead to what consequences and when the action was done. The best solution has been found to log every user action based on security sensitivity and make provision of controlled access for recording audits.

Murray, M. C. (2010). Database security: What students need to know. Journal of information technology education: Innovations in practice, 9, IIP-61.

Database security and access control have been one of the most trending topics of recent times. The knowledge base in this area is continually expanding as more and more innovations are being introduced to enhance security. However, expanding the knowledge base on access control issues is just not enough if it cannot be effectively shared. The risks are also on the rise as it is tough to convey the knowledge effectively. The researchers in this study have addressed the primary challenges with respect to conveying the knowledge materials of database security and access control through the incorporation of interactive module sets of software into the sub-topics. The modules used for this paper are segments from an animated project on database courseware designed to sustain the database concept teachings. The primary domains covered in the selected courseware include the design of the database, SQL (structured query language), security aspects of the database, and database transactions. The researchers have presented a security module that will allow the learners with the ability to explore the aspects of SQL injection, access control, database inference, auditing, and security matrices. The challenges identified during the study have also been successfully addressed through the research. It has made the transition of knowledge materials significantly easier.