%0 Conference Proceedings
%T From MDM to DB2: A Case Study of Security Enforcement Migration
%+ department of Computer Science and Engineering
%+ Center for Advanced Studies [IBM CAS Canada]
%A Yakovets, Nikolay
%A Gryz, Jarek
%A Hazlewood, Stephanie
%A Run, Paul, Van
%Z Part 6: Data Management
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 26th Conference on Data and Applications Security and Privacy (DBSec)
%C Paris, France
%Y Nora Cuppens-Boulahia
%Y Frédéric Cuppens
%Y Joaquin Garcia-Alfaro
%I Springer
%3 Data and Applications Security and Privacy XXVI
%V LNCS-7371
%P 207-222
%8 2012-07-11
%D 2012
%R 10.1007/978-3-642-31540-4_16
%K Master Data Management
%K Enterprise Security
%K Attribute-Based Access Control
%K Database Security
%K XACML
%K DB2
%Z Computer Science [cs]Conference papers
%X This work presents a case study of a migration of attribute-based access control enforcement from the application to the database tier. The proposed migration aims to improve the security and simplify the audit of the enterprise system by enforcing information protection principles of the least privileges and the least common mechanism. We explore the challenges of such migration and implement it in an industrial setting in a context of master data management where data security, privacy and audit are subject to regulatory compliance. Based on our implementation, we propose a general, standards-driven migration methodology.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-01534771/document
%2 https://inria.hal.science/hal-01534771/file/978-3-642-31540-4_16_Chapter.pdf
%L hal-01534771
%U https://inria.hal.science/hal-01534771
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-7371