A Unified Network Security and Fine-Grained Database Access Control Model

With the development of Internet and Intranet, Web and distributed databases have been used more and more widely. It is important to properly handle network and Web database security issues including authentication, denial of service, and fine-grained access control. When database access control and the network security are addressed separately, the security systems are not optimized sufficiently as a whole. This paper propose a method of integrating network security with criterion-based access control to handle network security and the fine-grained Web database access control simultaneously. To improve efficiency, the model adopts two step access controls. The first preliminary access control is combined with the firewall function, and the second fine-grained access decisions are determined by the user's digital credentials as well as other factors such as his/her IP address.