From MDM to DB2: A Case Study of Security Enforcement Migration

Abstract : This work presents a case study of a migration of attribute-based access control enforcement from the application to the database tier. The proposed migration aims to improve the security and simplify the audit of the enterprise system by enforcing information protection principles of the least privileges and the least common mechanism. We explore the challenges of such migration and implement it in an industrial setting in a context of master data management where data security, privacy and audit are subject to regulatory compliance. Based on our implementation, we propose a general, standards-driven migration methodology.
Document type :
Conference papers
Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.207-222, 2012, Data and Applications Security and Privacy XXVI. 〈10.1007/978-3-642-31540-4_16〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01534771
Contributor : Hal Ifip <>
Submitted on : Thursday, June 8, 2017 - 11:06:36 AM
Last modification on : Thursday, June 8, 2017 - 11:09:27 AM
Document(s) archivé(s) le : Saturday, September 9, 2017 - 12:51:34 PM

File

978-3-642-31540-4_16_Chapter.p...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Nikolay Yakovets, Jarek Gryz, Stephanie Hazlewood, Paul Run. From MDM to DB2: A Case Study of Security Enforcement Migration. Nora Cuppens-Boulahia; Frédéric Cuppens; Joaquin Garcia-Alfaro. 26th Conference on Data and Applications Security and Privacy (DBSec), Jul 2012, Paris, France. Springer, Lecture Notes in Computer Science, LNCS-7371, pp.207-222, 2012, Data and Applications Security and Privacy XXVI. 〈10.1007/978-3-642-31540-4_16〉. 〈hal-01534771〉

Share

Metrics

Record views

193

Files downloads

47