R.P. van de Riet and J. Beukering. The integration of security and integrity constraints in mokum, 1994. Paper submitted to 8th IFIP 11.3 Working Conference on Database Security.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....can be encouraged by enforcing constraints which ensure the state is always valid and by subjecting inputs to separation of duty. Reind van de Reit and Beukering describe how constraints involving integrity and security can be specified in MOXUM, their active object oriented knowledge base system [van de Reit 94] Their premise is that changes to the database should be governed by rules in the form of integrity constraints and security checks. In this case, integrity constraints refer to the quality of the data, while security constraints refer to protection and access rights. Both kinds of constraints ....

R. van de Reit and J. Beukering. The Integration of Security and Integrity Constraints in MOKUM. In Proceedings of the 8th IFIP 11.3 WG on Database Security. Bad Sdzdetfurth, Germany, 23-26 August 1994.

....at the level of types. 2.5.2 Restrictions as constraints With restrictions Mokum offers a mechanism to define a certain class of constraints. A constraint is a formula which restricts some properties of some collections of objects. For a classification of all possible kinds of constraints see [van de Riet and Beukering, 1994]. Restrictions are always connected to a type and one or more attributes. Furthermore, restrictions are inheritable. Attribute flags like obligatory and derived attributes can also be considered as a certain kind of restriction. An example of a simple two attribute restriction for a person is: ....

....in Mokum where these checks for multiple object constraints can be put is the script part of the object or the keeper of the collection involved in these constraints. All multiple object integrity constraints, including constraints on two or more collections can be maintained by means of scripts [van de Riet and Beukering, 1994]. For instance, you could want to specify that the intersection of two collections should always be empty. This can be accomplished by letting each object send the other object a message, when a new member is to be added into a collection, asking to confirm if the member is already in the other ....

R.P. van de Riet and J. Beukering. The integration of security and integrity constraints in mokum, 1994. Paper submitted to 8th IFIP 11.3 Working Conference on Database Security.

....they are located in quite different worlds, with their own protection rules. In Figure 1 these worlds are shown. There are fire proof walls between these worlds to protect private information. We will assume that private information is kept in attributes declared private in Mokum terminology [10, 11]. We will say a few words here about problems connected to the protection problems. In a more general setting these are dealt with in [13, 8] and in the more specific Mokum environment in [10, 11, 12] We simply assume that the following rules from Mokum are implemented: the epistemic rule ....

....will assume that private information is kept in attributes declared private in Mokum terminology [10, 11] We will say a few words here about problems connected to the protection problems. In a more general setting these are dealt with in [13, 8] and in the more specific Mokum environment in [10, 11, 12]. We simply assume that the following rules from Mokum are implemented: the epistemic rule which says that private attributes of some type can be read and changed within the script of a subtype; the same holds for so called keepers of a collection of objects of some type; the ontological ....

R.P. van de Riet and J. Beukering. The Integration of Security and Integrity Constraints in Mokum. In J. Biskup, M. Morgenstern, and C.E. Landwehr, editors, Database Security, VIII, Status and Prospects, pages 223--246. IFIP, North-Holland, 1994.

....role. In earlier papers we discussed the concept of alter egos [26] and the derivation of security and privacy rules for a Workflow system using them [8] In [8] we also presented an example implementation which was based on a specific Prolog based object oriented system called Mokum [22]. The intention of this paper is to provide an orderly framework for these concepts and to discuss a more generalized implementation architecture which can be based on existing technologies of the Web and Object oriented systems. The framework is based on three levels: Modelling, Specification ....

Van de Riet, R.P., and Beukering, J., "The integration of security and integrity constraints in Mokum", in Biskup, J., Morgenstern, M., and Landwehr, C. E. (eds.), Database Security, VIII, Status and Prospects, IFIP, North-Holland, 1994, pp. 223-246. 25

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC