An Access Control Model for DBMS Based on Dynamic Context Stack
-
Graphical Abstract
-
Abstract
Stored procedures are dynamic entities in DBMSs. Determination of the privileges set of their execution is a key problem of the effective access control of DBMSs. Approaches usually adopted violate the principle of “least privilegs”, which leads to a series of security vulnerabilities of DBMSs. In addition, the cascading execution of stored procedures brings about difficulties of limiting the scope of the application of the privileges set. According to these difficulties, a DBMS access control model based on dynamic context stack is presented, which takes operation sequences as its input and determines the privileges set of the execution of stored procedure based on the context stack. It not only supports the principle of “least privilegs” well, but has good property of manageability and scalability.
-
-