Maintaining replicated authorizations in distributed database systems

作     者：Samarati, P Ammann, P Jajodia, S 

作者机构：GEORGE MASON UNIVCTR SECURE INFORMAT SYSTDEPT INFORMAT & SOFTWARE SYST ENGNFAIRFAXVA 22030 MITRE CORPMCLEANVA 22012 

出 版 物：《DATA & KNOWLEDGE ENGINEERING》 (数据与知识工程)

年 卷 期：1996年第18卷第1期

页      面：55-84页

核心收录：

学科分类：08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：National Science Foundation  NSF  (CCR-9202270) 

主　　题：distributed database systems authorization management access control 

摘      要：We consider the propagation of authorizations in distributed database systems. We present an optimistic replica control algorithm that ensures that the authorization table at any given site evolves consistently with respect to other sites. The motivation for using optimistic replica control to maintain authorizations is that site and communication failures do not needlessly delay authorization changes. In addition, the semantics of the authorization operations we employ can be exploited to resolve transient inconsistencies without the expense of an undo-redo mechanism. Instead, we give efficient, direct algorithms whereby a site scans its log of authorization requests and updates its authorization table correspondingly. From the system perspective, any inconsistencies in the authorization table replicas maintained at different sites are transient and are eliminated by further communication. We show how a site can prune its authorization log by the use of a matrix that records how current remaining sites in the system are.