We consider the propagation of authorizations in distributed database systems. We present an optimistic replica control algorithm that ensures that the authorization table at any given site evolves consistently with respect to other sites. The motivation for using optimistic replica control to maintain authorizations is that site and communication failures do not needlessly delay authorization changes. In addition, the semantics of the authorization operations we employ can be exploited to resolve transient inconsistencies without the expense of an undo-redo mechanism. Instead, we give efficient, direct algorithms whereby a site scans its log of authorization requests and updates its authorization table correspondingly. From the system perspective, any inconsistencies in the authorization table replicas maintained at different sites are transient and are eliminated by further communication. We show how a site can prune its authorization log by the use of a matrix that records how current remaining sites in the system are.

Maintaining replicated authorizations in distributed database systems / P. Samarati, P. Ammann, S. Jajodia. - In: DATA & KNOWLEDGE ENGINEERING. - ISSN 0169-023X. - 18:1(1996 Feb), pp. 55-84.

Maintaining replicated authorizations in distributed database systems

P. Samarati
Primo
;
1996-02

Abstract

We consider the propagation of authorizations in distributed database systems. We present an optimistic replica control algorithm that ensures that the authorization table at any given site evolves consistently with respect to other sites. The motivation for using optimistic replica control to maintain authorizations is that site and communication failures do not needlessly delay authorization changes. In addition, the semantics of the authorization operations we employ can be exploited to resolve transient inconsistencies without the expense of an undo-redo mechanism. Instead, we give efficient, direct algorithms whereby a site scans its log of authorization requests and updates its authorization table correspondingly. From the system perspective, any inconsistencies in the authorization table replicas maintained at different sites are transient and are eliminated by further communication. We show how a site can prune its authorization log by the use of a matrix that records how current remaining sites in the system are.
Distributed database systems ; Authorization management ; Access control
Settore INF/01 - Informatica
Article (author)
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

Caricamento pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/2434/179748
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 15
  • ???jsp.display-item.citation.isi??? 10
social impact