| Access control technology is a critical problem to ensure the security of distributed information system. It has got a broadly study by many researches. Authorization is the kernel issue of access control, and can be divided into two types: explict authorization and implicit authorization. Because of the structure orgnazation and data storage of traditional Relational Database (hereafter called RDB for short), there exist some application limitations, such as unsupport to the negative authorization, redundancy of the authorization data, more storage space used, coarse size authorization and so on.Object-Oriented Database (reffered as OODB) is more comprehensive to fit for the Object-Oriented software design model.Its structure is more complex than traditional database. Implicit authorizstion is an important aspect in authorization mechanism. Since OODB organized its object types in the structure of class hierarchy; its implicit authorization has the characteristics such as higher technical feasibility and consistency. Implict authorization technology of Object-Oriented Database can provide a more precise control, and effectively increase the security and flexibility of authorized strategy by using the negative authorization. It reduced the complexity of authorization data and sensitivity of security threats, to make up the shortcomings of authorization technology of relational database in some sense.Further more, supporting the Object-Oriented data model, Object-Oriented Database (referred as OODB) has a broad development prospect, since it has some obvious application advantages and on a certain extent has ever solved some technical bottle-neck of traditional RDB. Making researches on the authorization mechanism can effectively improve the authorization technology of the OODB. It would not only promote the advantages on orgnazation and application of OODB, but also improve its security quality.The maily research works of this paper are:①Started from the real project case system, this paper illustrated the important function of the authorization control in information systems, made a research on the traditional authorization implement technology and its application limitation. advantures, features and the implicit authorization technology of OODB were proposed.②The secure authorization mode was analysed, and hierarchy structures of three tuples- authorization subjects, authorization objects and access operation, were developed. Futher more, the implicit authorization deducing model on hierachies structures of each tuples have been deeply researched with the formalization description mode approach. The deducing direction of implicit authorization was also extended.③This paper focused on the establishment of the implicit authorization deducing model. The experiment and anaysis have also carried out in the instance of Object-Oriented system. It has been validated that the implicit authorization in the Object-Oriented model is viable and reasonable. It is futher showed the meaning and value of the research on the implicit authorization technology of Object-Oriented Database. |
PDF Full Text Request