The SQL access control model defines which authorization identifiers [i.e., users] can access specific data.
Theory and Applications
SQL access control is based on privileges assigned to authorization identifiers to access objects [1–3]. The creator of an object in a database is its owner and can perform any action on the object. By default, no other user can access the object unless the owner grants specific privileges to that user. The granting process assigns a privilege on an object to one or more authorization identifiers, which can be either user identifiers, role names, or PUBLIC. A user identifier represents a user of the DBMS and is defined in an implementation-dependent way; SQL does not define how OS users are mapped to SQL users. A role name R represents a role and identifies a set of privileges: those directly granted to R and those of the roles granted to R. The PUBLICidentifier is used to...
This is a preview of subscription content, access via your institution.
Buying options
Chapter
EUR 29.95
Price includes VAT [Singapore]- DOI: 10.1007/978-1-4419-5906-5_690
- Chapter length: 4 pages
- Instant PDF download
- Readable on all devices
- Own it forever
- Exclusive offer for individuals only
- Tax calculation will be finalised during checkout
eBookEUR 748.99Price includes VAT [Singapore]
- ISBN: 978-1-4419-5906-5
- Instant PDF download
- Readable on all devices
- Own it forever
- Exclusive offer for individuals only
- Tax calculation will be finalised during checkout
Hardcover BookEUR 799.99Price excludes VAT [Singapore]
- ISBN: 978-1-4419-5905-8
- Dispatched in 3 to 5 business days
- Exclusive offer for individuals only
- Free shipping worldwide
Shipping restrictions may apply, check to see if you are impacted. - Tax calculation will be finalised during checkout
Learn about institutional subscriptions
SQL Access Control Model. Fig. 1
SQL Access Control Model. Fig. 2
De Capitani di Vimercati S, Samarati P, Jajodia S [2001] Database security. In:Marciniak J [ed] Wiley Encyclopedia of Software Engineering. Wiley, New York Google Scholar Samarati P, De Capitani di Vimercati S [2001] Access control: Policies, models, and mechanisms. In:Focardi R, Gorrieri R [eds] Foundations of Security Analysis and Design. LNCS, vol 2171. Springer, Berlin CrossRef Google Scholar Database Language SQL [2008] ISO International Standard, ISO/IEC 9075–∗:2008Recommended Reading
Google Scholar
Download references
Author information
Authors and Affiliations
Prof., Dr., Dipartimento di Tecnologie dell’Informazione [DTI], Università degli Studi di Milano, Via Bramante 65, 26013, Crema [CR], Italy
Sabrina De Capitani di Vimercati & Giovanni Livraga
Authors
- Sabrina De Capitani di Vimercati
View author publications
You can also search for this author in PubMed Google Scholar
- Giovanni Livraga
View author publications
You can also search for this author in PubMed Google Scholar
Editor information
Editors and Affiliations
Department of Mathematics and Computing Science, Eindhoven University of Technology, 5600 MB, Eindhoven, The Netherlands
Henk C. A. van Tilborg
Center for Secure Information Systems, George Mason University, Fairfax, VA, 22030-4422, USA
Sushil Jajodia
Rights and permissions
Reprints and Permissions
Copyright information
© 2011 Springer Science+Business Media, LLC
About this entry
Cite this entry
Vimercati, S.D., Livraga, G. [2011]. SQL Access Control Model. In: van Tilborg, H.C.A., Jajodia, S. [eds] Encyclopedia of Cryptography and Security. Springer, Boston, MA. //doi.org/10.1007/978-1-4419-5906-5_690