Tool support for enforcing security policies on databases

Jenny Abramov, Omer Anson, Arnon Sturm, Peretz Shoval

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Security in general and database protection from unauthorized access in particular, are crucial for organizations. It has long been accepted that security requirements should be considered from the early stages of the development process. However, such requirements tend to be neglected or dealt-with only at the end of the development process. The Security Modeling Tool presented in this paper aims at guiding and enforcing developers, in particular database designers, to deal with database authorization requirements from the early stages of the development process. In this paper we demonstrate how the Security Modeling Tool assists the various stakeholders in designing secure database code and describe the tool architecture.

Original languageAmerican English
Title of host publicationIS Olympics
Subtitle of host publicationInformation Systems in a Diverse World - CAiSE Forum 2011, Selected Extended Papers
PublisherSpringer Verlag
Pages126-141
Number of pages16
ISBN (Print)9783642297489
DOIs
StatePublished - 1 Jan 2012
EventCAiSE Forum 2011 on IS Olympics: Information Systems in a Diverse World - London, United Kingdom
Duration: 20 Jun 201124 Jun 2011

Publication series

NameLecture Notes in Business Information Processing
Volume107 LNBIP

Conference

ConferenceCAiSE Forum 2011 on IS Olympics: Information Systems in a Diverse World
Country/TerritoryUnited Kingdom
CityLondon
Period20/06/1124/06/11

Keywords

  • authorization
  • database design
  • Secure software engineering

All Science Journal Classification (ASJC) codes

  • Management Information Systems
  • Control and Systems Engineering
  • Business and International Management
  • Information Systems
  • Modelling and Simulation
  • Information Systems and Management

Cite this