D. N. Kolegov, N. O. Tkachenko, “Non-invasive method of mandatory access control implementaion on DBMS layer in web applications”, Prikl. Diskr. Mat. Suppl., 2015, no. 8, 89

Prikladnaya Diskretnaya Matematika. Supplement

RUS ENG

JOURNALS PEOPLE ORGANISATIONS CONFERENCES SEMINARS VIDEO LIBRARY PACKAGE AMSBIB

JavaScript is disabled in your browser. Please switch it on to enable full functionality of the website

	General information
	Latest issue
	Archive

	Search papers
	Search references

	RSS
	Latest issue
	Current issues
	Archive issues
	What is RSS

Prikl. Diskr. Mat. Suppl.:
Year:
Volume:
Issue:
Page:
	Find

Personal entry:
Login:
Password:
	Save password
	Enter
	Forgotten password?
	Register

Prikladnaya Diskretnaya Matematika. Supplement, 2015, Issue 8, Pages 89–92
DOI: https://doi.org/10.17223/2226308X/8/33 (Mi pdma221)

This article is cited in 2 scientific papers (total in 2 papers)

Mathematical Foundations of Computer Security

Non-invasive method of mandatory access control implementaion on DBMS layer in web applications

D. N. Kolegov^a, N. O. Tkachenko^b

^a Tomsk State University, Tomsk
^b Tomsk State University, Tomsk

Full-text PDF (454 kB) Citations (2)

References:

PDF

HTML

DOI: https://doi.org/10.17223/2226308X/8/33

Abstract: We propose non-invasive method of mandatory access control implementation on DBMS MySQL layer in web applications. This method is based on formal DP-models for DBMS MySQL and proxy-based reference monitor for SQL queries. The main idea of the method is identification of users in account-based web applications and SQL query rewriting. Users' identities are added by applicaion's module (Django middleware) and transmitted in comments of SQL queries to MySQL-proxy. After identification of users has been completed, we simulate DBMS's entities identification and row level security by SQL rewriting.

Keywords: access control, web applications, DBMS security.

Document Type: Article

UDC: 004.94

Language: Russian

Citation: D. N. Kolegov, N. O. Tkachenko, “Non-invasive method of mandatory access control implementaion on DBMS layer in web applications”, Prikl. Diskr. Mat. Suppl., 2015, no. 8, 89–92

Citation in format AMSBIB

\Bibitem{KolTka15}

\by D.~N.~Kolegov, N.~O.~Tkachenko

\paper Non-invasive method of mandatory access control implementaion on DBMS layer in web applications

\jour Prikl. Diskr. Mat. Suppl.

\yr 2015

\issue 8

\pages 89--92

\mathnet{http://mi.mathnet.ru/pdma221}

\crossref{https://doi.org/10.17223/2226308X/8/33}

Linking options:

https://www.mathnet.ru/eng/pdma221

https://www.mathnet.ru/eng/pdma/y2015/i8/p89

This publication is cited in the following 2 articles:

Citing articles in Google Scholar: Russian citations, English citations
Related articles in Google Scholar: Russian articles, English articles

Prikladnaya Diskretnaya Matematika. Supplement

Statistics & downloads:
Abstract page:	163
Full-text PDF :	54
References:	36

Что такое QR-код?

Registration to the website

Logotypes