Authorization and Access Control in IRO-DB

Abstract

The paper describes authorization and access control in the IRO-DB database system, a system supporting interoperable access between relational and object-oriented databases. The security policy developed is a federated, administrative discretionary access control policy which supports positive, negative, as well as implied authorization, includes a procedure for conflict resolution within the set of specified authorization rules, and concentrates on role-based security. 1 Introduction An increasing number of database applications need to work on data which are stored by using several different file systems or are spread over existing possibly heterogeneous databases. This has led to a lot of research and classifications in the field of heterogeneous database systems, database federations, multidatabases, and interoperable systems. A classification of federated database systems (FDBS) depending on the management of the federation is given in [15]. A federated database system (FDBS) co..