The Research Of Implicit Authorization Problem In Database Management System

With the rapid development of scientific technology and information science, it providespeople with new life experience, but by the meantime, it poses some threat to the safety ofpeople. The technology of security access control and authorization which becomes the keyissue of information security is particularly important in the information resources and largeinformation system of users. Information management system uses access control to the keyissues based on licensed technology and when providing reliable data and information tousers, it can refuse unauthorized access to protect data availability, integrity and consistency.Database management system as a warehouse to store information plays a vital status in theinformation management system. Therefore, Database information management systemfocuses on the security of database system. Implicit authorization is explicitly authorized afterthe formation of rules of derivation. In the authorization management, implicitly authorized isessential for authorization. Uncertainty implicit authorization of the information managementsystem exists hidden danger in the security of information.In this paper, we take research in the issues of implicit authorization of the databasemanagement system and introduce related theory and techniques, including security andthreats of the database, database security measures, access control technology, authorizedmanagement model of database management system etc..This paper presents an improved authorization model and gives some basic definitions ofthe model, and we study the implicit permission type and its producing way. Advancement inthis model is mainly reflected in the improvement of the principal relationship and rolepermissions; furthermore, we proposed public inheritance strategy for the role of inheritance.As for the defect induced by implicit permission, the solution strategies are givenaccording to the different defects, including the authorization control strategy and privilegesrevoked strategies.Finally, we did experimental design and analysis to the proposed improvements andstrategies to certify its feasibility and effectiveness.