
Method Of The Fine-Grained Access Control Based On Authorization View

Posted on: 2007-05-10
Degree: Master
Type: Thesis
Country: China
Candidate: Y N Han
GTID: 2178360182483033
Subject: Computer application technology
Abstract/Summary:
Database applications with large numbers of users and highly sensitive data are widely used, and database security is becoming more and more important. To protect all data from unauthorized examination and revision, we must restrict users' access to the data through access control. In this paper, we analyse the state of research on access control at home and abroad, and we make a comprehensive study of the implementation of fine-grained access control at the database level.

Firstly, we introduce the meaning of access control and its relationship with other security techniques. Then we analyze the present state of access control techniques at home and abroad and point out their existing shortcomings.

Secondly, according to the needs of fine-grained access control, we analyze the traditional mechanism and describe two existing models: Virtual Private Database and the Truman model. We then analyze their advantages and disadvantages.

Thirdly, we present the authorization mechanism in SQL and exactly characterize a class of queries, which we call conditionally valid queries. Then we build a framework for a new access control model. Using a large number of inference rules, we check the validity of queries and decide whether the user is authorized. We demonstrate the practicality of our techniques by describing how an existing query optimizer can be extended to perform access control checks. We also incorporate query containment into the authorization view, which gives a more efficient way to check validity. A detailed analysis is presented of how to decide the unconditional validity of conjunctive queries. Based on this, we give an algorithm for analysing conditional validity, together with its complexity. This shows how to solve the problem under bag semantics, but the problem of conditional authorization under set semantics must be approached from a new angle.

Finally, we construct a fine-grained restriction language, based on the Hippocratic database system, for specifying access control on data in a table at the level of a row, a column, or a cell, and give an algorithm that achieves this goal. Then we prove the correctness and completeness of the algorithm. In the end, we carry out some experiments in a simulated environment.
Keywords/Search Tags: Database security, Access control, View, Query containment, Granularity