Static Detection of Security Flaws in Object-Oriented Databases

by Keishi Tajima


We propose a model of access control in object-oriented databases. In the model, the granularity of access control is function invocations on data objects. The users are granted rights to invoke composed functions instead of rights to invoke primitive operations. Although primitive operations are invoked inside composed functions, the users can invoke them only through the granted functions. This achieves access control at the abstract operation level. Access control utilizing encapsulation of functions, however, easily causes many "security flaws" through which malicious users can bypass the encapsulation and abuse the primitive operations inside the functions. In this paper, we develop techniques to statically detect such security flaws. First, we design a framework to describe the security requirements that should be satisfied. Then, we develop an algorithm that syntactically analyzes the program code of the functions and determines whether the given security requirements are satisfied or not. This algorithm is sound, that is, whenever there is a security flaw, it detects it.

Full Text: free download from ACM

Slides: pdf

BibTex entry


Keywords: object-oriented database, object-oriented programming, security flaw, security analysis, program analysis, encapsulation, abstract data type, method, protection, access control

Published in Proc. of ACM SIGMOD'96, pp.341-352, Jun. 1996, Montreal, Canada.

Copyright © 1996 by the Association for Computing Machinery, Inc. Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.
tajima@i.kyoto-u.ac.jp / Fax: +81(Japan) 75-753-5978 / Office: Research Bldg. #7, room 404