A systematic literature review of authorization and access control requirements and current state of the art for different database models

IF 2.5 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS International Journal of Web Information Systems Pub Date : 2023-10-09 DOI:10.1108/ijwis-04-2023-0072
Aya Khaled Youssef Sayed Mohamed, Dagmar Auer, Daniel Hofer, Josef Küng
{"title":"A systematic literature review of authorization and access control requirements and current state of the art for different database models","authors":"Aya Khaled Youssef Sayed Mohamed, Dagmar Auer, Daniel Hofer, Josef Küng","doi":"10.1108/ijwis-04-2023-0072","DOIUrl":null,"url":null,"abstract":"Purpose Data protection requirements heavily increased due to the rising awareness of data security, legal requirements and technological developments. Today, NoSQL databases are increasingly used in security-critical domains. Current survey works on databases and data security only consider authorization and access control in a very general way and do not regard most of today’s sophisticated requirements. Accordingly, the purpose of this paper is to discuss authorization and access control for relational and NoSQL database models in detail with respect to requirements and current state of the art. Design/methodology/approach This paper follows a systematic literature review approach to study authorization and access control for different database models. Starting with a research on survey works on authorization and access control in databases, the study continues with the identification and definition of advanced authorization and access control requirements, which are generally applicable to any database model. This paper then discusses and compares current database models based on these requirements. Findings As no survey works consider requirements for authorization and access control in different database models so far, the authors define their requirements. Furthermore, the authors discuss the current state of the art for the relational, key-value, column-oriented, document-based and graph database models in comparison to the defined requirements. Originality/value This paper focuses on authorization and access control for various database models, not concrete products. This paper identifies today’s sophisticated – yet general – requirements from the literature and compares them with research results and access control features of current products for the relational and NoSQL database models.","PeriodicalId":44153,"journal":{"name":"International Journal of Web Information Systems","volume":"62 1","pages":"0"},"PeriodicalIF":2.5000,"publicationDate":"2023-10-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Web Information Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1108/ijwis-04-2023-0072","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

Abstract

Purpose Data protection requirements heavily increased due to the rising awareness of data security, legal requirements and technological developments. Today, NoSQL databases are increasingly used in security-critical domains. Current survey works on databases and data security only consider authorization and access control in a very general way and do not regard most of today’s sophisticated requirements. Accordingly, the purpose of this paper is to discuss authorization and access control for relational and NoSQL database models in detail with respect to requirements and current state of the art. Design/methodology/approach This paper follows a systematic literature review approach to study authorization and access control for different database models. Starting with a research on survey works on authorization and access control in databases, the study continues with the identification and definition of advanced authorization and access control requirements, which are generally applicable to any database model. This paper then discusses and compares current database models based on these requirements. Findings As no survey works consider requirements for authorization and access control in different database models so far, the authors define their requirements. Furthermore, the authors discuss the current state of the art for the relational, key-value, column-oriented, document-based and graph database models in comparison to the defined requirements. Originality/value This paper focuses on authorization and access control for various database models, not concrete products. This paper identifies today’s sophisticated – yet general – requirements from the literature and compares them with research results and access control features of current products for the relational and NoSQL database models.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
对不同数据库模型的授权和访问控制需求以及当前技术状态进行系统的文献回顾
由于数据安全意识的提高、法律要求和技术发展,数据保护需求大幅增加。如今,NoSQL数据库越来越多地用于安全关键领域。目前对数据库和数据安全的调查工作仅以非常一般的方式考虑授权和访问控制,而没有考虑当今大多数复杂的需求。因此,本文的目的是详细讨论关系和NoSQL数据库模型的授权和访问控制,包括需求和当前技术状态。设计/方法/方法本文采用系统的文献综述方法来研究不同数据库模型的授权和访问控制。本研究从数据库中授权和访问控制的调研工作入手,继续研究高级授权和访问控制需求的识别和定义,这些需求一般适用于任何数据库模型。然后,本文讨论并比较了基于这些需求的当前数据库模型。由于到目前为止还没有调查工作考虑到不同数据库模型中对授权和访问控制的需求,因此作者定义了他们的需求。此外,作者还讨论了关系数据库模型、键值数据库模型、面向列数据库模型、基于文档数据库模型和图形数据库模型的现状,并与已定义的需求进行了比较。本文关注的是各种数据库模型的授权和访问控制,而不是具体的产品。本文从文献中确定了当今复杂但普遍的需求,并将其与关系和NoSQL数据库模型的研究结果和当前产品的访问控制特性进行了比较。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
International Journal of Web Information Systems
International Journal of Web Information Systems COMPUTER SCIENCE, INFORMATION SYSTEMS-
CiteScore
4.60
自引率
0.00%
发文量
19
期刊介绍: The Global Information Infrastructure is a daily reality. In spite of the many applications in all domains of our societies: e-business, e-commerce, e-learning, e-science, and e-government, for instance, and in spite of the tremendous advances by engineers and scientists, the seamless development of Web information systems and services remains a major challenge. The journal examines how current shared vision for the future is one of semantically-rich information and service oriented architecture for global information systems. This vision is at the convergence of progress in technologies such as XML, Web services, RDF, OWL, of multimedia, multimodal, and multilingual information retrieval, and of distributed, mobile and ubiquitous computing. Topicality While the International Journal of Web Information Systems covers a broad range of topics, the journal welcomes papers that provide a perspective on all aspects of Web information systems: Web semantics and Web dynamics, Web mining and searching, Web databases and Web data integration, Web-based commerce and e-business, Web collaboration and distributed computing, Internet computing and networks, performance of Web applications, and Web multimedia services and Web-based education.
期刊最新文献
ImageNet classification with Raspberry Pis: federated learning algorithms of local classifiers A review of in-memory computing for machine learning: architectures, options Efficient knowledge distillation for remote sensing image classification: a CNN-based approach FedACQ: adaptive clustering quantization of model parameters in federated learning A systematic literature review of authorization and access control requirements and current state of the art for different database models
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1