{"id":"https://openalex.org/W2005236917","doi":"https://doi.org/10.1145/1455770.1455808","title":"A formal framework for reflective database access control policies","display_name":"A formal framework for reflective database access control policies","publication_year":2008,"publication_date":"2008-10-27","ids":{"openalex":"https://openalex.org/W2005236917","doi":"https://doi.org/10.1145/1455770.1455808","mag":"2005236917"},"language":"en","primary_location":{"id":"doi:10.1145/1455770.1455808","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1455770.1455808","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM conference on Computer and communications security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5032988090","display_name":"Lars E. Olson","orcid":null},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Lars E. Olson","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, IL, USA","University of Illinois at Urbana/Champaign, Urbana, IL, USA#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, IL, USA","institution_ids":["https://openalex.org/I157725225"]},{"raw_affiliation_string":"University of Illinois at Urbana/Champaign, Urbana, IL, USA#TAB#","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031954035","display_name":"Carl A. Gunter","orcid":"https://orcid.org/0009-0006-6943-0684"},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Carl A. Gunter","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, IL, USA","University of Illinois at Urbana/Champaign, Urbana, IL, USA#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, IL, USA","institution_ids":["https://openalex.org/I157725225"]},{"raw_affiliation_string":"University of Illinois at Urbana/Champaign, Urbana, IL, USA#TAB#","institution_ids":["https://openalex.org/I157725225"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5112870293","display_name":"P. Madhusudan","orcid":null},"institutions":[{"id":"https://openalex.org/I157725225","display_name":"University of Illinois Urbana-Champaign","ror":"https://ror.org/047426m28","country_code":"US","type":"education","lineage":["https://openalex.org/I157725225"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"P. Madhusudan","raw_affiliation_strings":["University of Illinois at Urbana-Champaign, Urbana, IL, USA","University of Illinois at Urbana/Champaign, Urbana, IL, USA#TAB#"],"affiliations":[{"raw_affiliation_string":"University of Illinois at Urbana-Champaign, Urbana, IL, USA","institution_ids":["https://openalex.org/I157725225"]},{"raw_affiliation_string":"University of Illinois at Urbana/Champaign, Urbana, IL, USA#TAB#","institution_ids":["https://openalex.org/I157725225"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5032988090"],"corresponding_institution_ids":["https://openalex.org/I157725225"],"apc_list":null,"apc_paid":null,"fwci":16.3169,"has_fulltext":false,"cited_by_count":32,"citation_normalized_percentile":{"value":0.98656279,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":89,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"289","last_page":"298"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10772","display_name":"Distributed systems and fault tolerance","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8432409763336182},{"id":"https://openalex.org/keywords/datalog","display_name":"Datalog","score":0.8074504137039185},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.8005426526069641},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.732643723487854},{"id":"https://openalex.org/keywords/database-transaction","display_name":"Database transaction","score":0.6657536029815674},{"id":"https://openalex.org/keywords/database","display_name":"Database","score":0.5887014269828796},{"id":"https://openalex.org/keywords/database-design","display_name":"Database design","score":0.5290376543998718},{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.5201654434204102},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.5006866455078125},{"id":"https://openalex.org/keywords/database-theory","display_name":"Database theory","score":0.4915531575679779},{"id":"https://openalex.org/keywords/discretionary-access-control","display_name":"Discretionary access control","score":0.4759509265422821},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.47161227464675903},{"id":"https://openalex.org/keywords/database-administrator","display_name":"Database administrator","score":0.47039899230003357},{"id":"https://openalex.org/keywords/concurrency-control","display_name":"Concurrency control","score":0.4627843499183655},{"id":"https://openalex.org/keywords/access-method","display_name":"Access method","score":0.44989436864852905},{"id":"https://openalex.org/keywords/data-access","display_name":"Data access","score":0.4182336926460266},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.33979448676109314},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.30898338556289673}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8432409763336182},{"id":"https://openalex.org/C148230440","wikidata":"https://www.wikidata.org/wiki/Q1172264","display_name":"Datalog","level":2,"score":0.8074504137039185},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.8005426526069641},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.732643723487854},{"id":"https://openalex.org/C75949130","wikidata":"https://www.wikidata.org/wiki/Q848010","display_name":"Database transaction","level":2,"score":0.6657536029815674},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.5887014269828796},{"id":"https://openalex.org/C148840519","wikidata":"https://www.wikidata.org/wiki/Q1049878","display_name":"Database design","level":2,"score":0.5290376543998718},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.5201654434204102},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.5006866455078125},{"id":"https://openalex.org/C12439846","wikidata":"https://www.wikidata.org/wiki/Q4809258","display_name":"Database theory","level":3,"score":0.4915531575679779},{"id":"https://openalex.org/C48814466","wikidata":"https://www.wikidata.org/wiki/Q1228590","display_name":"Discretionary access control","level":4,"score":0.4759509265422821},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.47161227464675903},{"id":"https://openalex.org/C70236469","wikidata":"https://www.wikidata.org/wiki/Q1078262","display_name":"Database administrator","level":2,"score":0.47039899230003357},{"id":"https://openalex.org/C84511453","wikidata":"https://www.wikidata.org/wiki/Q2914952","display_name":"Concurrency control","level":3,"score":0.4627843499183655},{"id":"https://openalex.org/C70000936","wikidata":"https://www.wikidata.org/wiki/Q4672467","display_name":"Access method","level":2,"score":0.44989436864852905},{"id":"https://openalex.org/C47487241","wikidata":"https://www.wikidata.org/wiki/Q5227230","display_name":"Data access","level":2,"score":0.4182336926460266},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.33979448676109314},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.30898338556289673}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1145/1455770.1455808","is_oa":false,"landing_page_url":"https://doi.org/10.1145/1455770.1455808","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 15th ACM conference on Computer and communications security","raw_type":"proceedings-article"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.304.2788","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.304.2788","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www-faculty.cs.uiuc.edu/~madhu/ccs08.pdf","raw_type":"text"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.644.2454","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.644.2454","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://seclab.illinois.edu/wp-content/uploads/2011/03/OlsonGM08.pdf","raw_type":"text"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":33,"referenced_works":["https://openalex.org/W47223276","https://openalex.org/W63828906","https://openalex.org/W1489587815","https://openalex.org/W1568804695","https://openalex.org/W1655092483","https://openalex.org/W1959519534","https://openalex.org/W2006705008","https://openalex.org/W2015688007","https://openalex.org/W2042567627","https://openalex.org/W2042690606","https://openalex.org/W2043226436","https://openalex.org/W2053741629","https://openalex.org/W2061565124","https://openalex.org/W2073619573","https://openalex.org/W2087122799","https://openalex.org/W2092842298","https://openalex.org/W2096745467","https://openalex.org/W2101465039","https://openalex.org/W2108911687","https://openalex.org/W2110076463","https://openalex.org/W2121699410","https://openalex.org/W2124260419","https://openalex.org/W2124321177","https://openalex.org/W2132063146","https://openalex.org/W2141820222","https://openalex.org/W2150739077","https://openalex.org/W2151097384","https://openalex.org/W2160795275","https://openalex.org/W2162171351","https://openalex.org/W2168287017","https://openalex.org/W2271481029","https://openalex.org/W2914418376","https://openalex.org/W4255993952"],"related_works":["https://openalex.org/W2158881272","https://openalex.org/W2350594541","https://openalex.org/W2148952798","https://openalex.org/W2770657926","https://openalex.org/W1965609554","https://openalex.org/W2358777772","https://openalex.org/W2352302472","https://openalex.org/W1992265008","https://openalex.org/W2971830394","https://openalex.org/W193774567"],"abstract_inverted_index":{"Reflective":[0],"Database":[1],"Access":[2],"Control":[3],"(RDBAC)":[4],"is":[5,13],"a":[6,10,16,23,78,92],"model":[7],"in":[8,27],"which":[9],"database":[11,17,37],"privilege":[12,25],"expressed":[14],"as":[15,22,77],"query":[18],"itself,":[19],"rather":[20],"than":[21],"static":[24],"contained":[26],"an":[28],"access":[29,38,84],"control":[30,85],"list.":[31],"RDBAC":[32],"aids":[33],"the":[34,42,72],"management":[35],"of":[36,44,74,98],"controls":[39],"by":[40,55],"improving":[41],"expressiveness":[43],"policies.":[45,86],"However,":[46],"such":[47],"policies":[48,99,112],"introduce":[49],"new":[50],"interactions":[51],"between":[52],"data":[53],"managed":[54],"different":[56],"users,":[57],"and":[58,68,100],"can":[59,105],"lead":[60],"to":[61],"unexpected":[62],"results":[63],"if":[64],"not":[65],"carefully":[66],"written":[67],"analyzed.":[69],"We":[70,87],"propose":[71],"use":[73],"Transaction":[75],"Datalog":[76],"formal":[79],"framework":[80],"for":[81,94],"expressing":[82],"reflective":[83],"demonstrate":[88],"how":[89],"it":[90],"provides":[91],"basis":[93],"analyzing":[95],"certain":[96],"types":[97],"enables":[101],"secure":[102],"implementations":[103],"that":[104,107],"guarantee":[106],"configurations":[108],"built":[109],"on":[110],"these":[111],"cannot":[113],"be":[114],"subverted.":[115]},"counts_by_year":[{"year":2023,"cited_by_count":1},{"year":2016,"cited_by_count":1},{"year":2015,"cited_by_count":6},{"year":2014,"cited_by_count":3},{"year":2013,"cited_by_count":1},{"year":2012,"cited_by_count":5}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}