Developers of database applications use software solutions like Hibernate, Java Database Connectivity and ADO.net to ease its development. These solutions were developed with the aim of integrating the paradigm of relational databases with the paradigm of object-oriented programming languages. Access control was not contemplated by these solutions, leading to the need of developing for each application, the necessary security mechanisms. Additionally, in situations where access control policies dynamically evolve, there is no way to automatically adjust the respective access control mechanisms. To solve this problem we propose the development of a Dynamic Access Control architecture for relational databases systems. In this architecture, the main component is its own business logic that contains objects derived from access control policies that are required for user interaction with databases. This component adapts dynamically at runtime to changes made in the access control policies stored in a database. In this context, although the principle of dynamically adaptable systems to access control policies is not new, existing software solutions are somewhat limited in this aspect. So in this work, we present and implement a dynamic access control architecture (DACA) which allows the automatic adaptation at runtime of the access control mechanisms implemented at the business logic level.
Publisher: RIA - University of Aveiro