Validating and implementing security patterns for database applications

Arnon Sturm, Jenny Abramov, Peretz Shoval

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Security in general, and database protection from unauthorized access in particular, are crucial to organizations. Security and authorization patterns encapsulate accumulated knowledge and best practices in this area. Correct application of security and authorization patterns will ensure effective access control to the database. For example, the Role-Based Access Control (RBAC) security pattern describes a general solution regarding who is authorized to access specific resources and which access privileges they have, based on user roles.

Unfortunately, patterns alone do not provide concrete guidance for their application, and thus there is a need for validating their correct usage. We propose a methodical approach for implementing security patterns for access control in database applications. This approach provides implementation guidelines to the designer of the application model, validation of the correct usage of the patterns, and automatic generation of secure database schemata.

Original language: English GB
Title of host publication: Proceedings of the Third International Workshop on Software Patterns and Quality (SPAQu’09)
Editors: Hironori Washizaki, Nobukazu Yoshioka, Eduardo B. Fernandez, Jan Jürjens
Pages: 40
Number of pages: 1
State: Published - 2009

Publication series

Name: GRACE TECHNICAL REPORTS
ISSN (Electronic): 1884-0760
