AN EXTENDED AUTHORIZATION MODEL FOR RELATIONAL DATABASES

Citation
E. Bertino et al., AN EXTENDED AUTHORIZATION MODEL FOR RELATIONAL DATABASES, IEEE Transactions on Knowledge and Data Engineering, 9(1), 1997, pp. 85-101
Number of citations
25
Subject Categories
Information Science & Library Science; Computer Sciences, Special Topics; Engineering, Electrical & Electronic; Computer Science Artificial Intelligence; Computer Science Information Systems
ISSN journal
10414347
Volume
9
Issue
1
Year of publication
1997
Pages
85 - 101
Database
ISI
SICI code
1041-4347(1997)9:1<85:AEAMFR>2.0.ZU;2-B
Abstract
We propose two extensions to the authorization model for relational databases defined originally by Griffiths and Wade. The first extension concerns a new type of revoke operation, called noncascading revoke operation. The original model contains a single, cascading revoke operation, meaning that when a privilege is revoked from a user, a recursive revocation takes place that deletes all authorizations granted by this user that do not have other supporting authorizations. The new type of revocation avoids the recursive revocation of authorizations. The second extension concerns negative authorization which permits specification of explicit denial for a user to access an object under a particular mode. We also address the management of views and groups with respect to the proposed extensions.