On the design and administration of secure database transactions

Krishnamurthy, E. V. ; McGuffin, A. (1992) On the design and administration of secure database transactions ACM SIGMICRO, TCMICRO newsletter, 10 (2-3). pp. 64-71. ISSN 0892-3825

Full text not available from this repository.

Official URL: http://dl.acm.org/citation.cfm?doid=147092.147104

Related URL: http://dx.doi.org/10.1145/147092.147104


This article outlines some of the basic principles involved in the design and administration of a secure transaction service for a database system. Specifically it discusses the case in which the database also maintains personal details of the users in order to facilitate real time user identification. In this design we distinguish two types of identification for the user:-(i) User's self - declared identity and(ii) Machine perceived view of the identity of the user based on the user's behavioural characteristics - such as voice, handwriting, facial features, key - stroke and mouse dynamics.The user's self - declared identity, when valid, would initiate the transaction; however, the continuation of the transaction is dependent upon the machine's perceived view or identity of the user; this view controls the actual database operations that can be handled by the user. This can be achieved by expressing the attributes resulting from the machine's view as logical predicates and incorporating these as integrity constraints in the formal specification of the user's permit for operations on the database. We also briefly indicate how the above design principles can be realised in practice using ORACLE version 7.

Item Type:Article
Source:Copyright of this article belongs to Association for Computing Machinery.
ID Code:85939
Deposited On:06 Mar 2012 13:55
Last Modified:06 Mar 2012 13:55

Repository Staff Only: item control page