Background/Objectives: Privacy is a key requirement in handling personal and sensitive data. The Database Management System (DBMS) stores such kind of data and also provides tools to access and analyze this data.
Methods/Statistical analysis: The Role-Based Access Control (RBAC) regulates the access to resources based on the roles of individual users. Purpose Based Access Control (PuBAC) regulates the access based on the purpose for which data can be accessed. It regulates the execution of queries based on purpose.
Findings: From the result, it is observed that some records accessed by considering the purpose and role-based access control are less than some records accessed by original and purpose based access control query result. The system is more secure than the previous one.
Improvements/Applications: This work can be used in the organizations, government, and private offices academic institutes. It can be extended to support big data and conditional purpose based access control.
Suraj Krishna Patil, &Suhas B. Bhagate. (2017). Protecting Data in Relational Database Management System using Purpose and Role-Based Access Control. International Journal of Computer Engineering In Research Trends, 4(8), 336-340. Retrieved from http://ijcert.org/ems/ijcert_papers/V4I8004.pdf
1. J.Byun and N.Li, “Purpose based access control for privacy protection in a relational database system,” VLDB J., vol.17, no.4, pp. 603–619, 2008.
2. M.E.Kabir and H.Wang, “Conditional purpose based access control model for privacy protection,” in Proc. 20th Australian Conference Australian Database, 2009, vol.92, pp. 135–142.
3. P.Colombo and E.Ferrari, “Enforcement of purpose based access control within relational database management systems,” IEEE Transactions Knowledge Data Engineering, vol.26, no.11, pp.2703-2716, Nov 2014.
4. P.Colombo and E.Ferrari, “Enforcing obligations within relational database management systems”, IEEE Transactions Dependable secure computing, vol.11, no.4, pp.318-331, Jul/Aug 2014.
5. M. Jafari, P. W. Fong, R. Safavi-Naini, K. Barker, and N. P. Sheppard, “Towards defining Semantic foundations for purpose-based privacy policies,” in Proc. 1st ACM Conf. Data Appl. Security Privacy, 2011, pp. 213-224.
6. P.Colombo and E.Ferrari, “Efficient enforcement of action-aware purpose-based access control within relational database management systems,” IEEE Transaction Knowledge Data Engineering, vol. 27, no.08, pp. 2134-2147, Aug 2015.
7. M. Kabir, H. Wang, and E. Bertino, “A role-involved conditional purpose-based access control model,” in E-Government, E-Services and Global Processes, series IFIP Advances in Information and Communication Technology, vol. 334, M. Janssen, W. Lamersdorf, J. Pries-Heje, and M. Rosemann, Eds. Springer, 2010.
8. V.Nikitha, P.Jhansi , K.Neelima and D.Anusha ,” Data sets preparing for Data mining analysis by SQL Horizontal Aggregation,” International Journal of Computer Engineering In Research Trends.,vol.3,no.9,pp. 225-229,2014.
9. Neelima Kuderu, Dr. Vijaya Kumari,” Relational Database to NoSQL Conversion by Schema Migration and Mapping ,”International Journal of Computer Engineering In Research Trends.,vol.3,no.9,pp. 506-513,2016.
10. Jollu Jayachandrudu,M.Sri lakshmi,Dr.S.Prem Kumar,” Enhanced Independent Access to Encrypted Cloud Databases ,”International Journal of Computer Engineering In Research Trends.,vol.2,no.9,pp. 589-593,2015.
We have kept IJCERT is a free peer-reviewed scientific journal to endorse conservation. We have not put up a paywall to readers, and we do not charge for publishing. But running a monthly journal costs is a lot. While we do have some associates, we still need support to keep the journal flourishing. If our readers help fund it, our future will be more secure.