Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Role-Based Access Control Features in Commercial Database Management Systems

Published

Author(s)

Ramaswamy Chandramouli, R. Sandhu

Abstract

This paper analyzes and compares role-based access control (RBAC) features supported in the most recent versions of three popular commercial database management systems: Informix Online Dynamic Server Version 7.2, Oracle Enterprise Server Version 8.0 and Sybase Adaptive Server Release 11.5. We categorize RBAC features under three broad areas: user role assignment, support for role relationships and constraints, and assignable privileges. Our finding is that these products provide a sound basis for implementing the basic features of RBAC, although there are significant differences. In particular, Informix restricts users to a single active role at any time, while Oracle and Sybase allow multiple roles to be activated simultaneously as per the user's selection. All three provide support for role hierarchies, but Sybase is the only one to directly support mutual exclusion of roles.
Proceedings Title
Proceedings of the 21st National Information Systems Security Conference (NISSC '98)
Conference Dates
October 6-9, 1998
Conference Location
Crystal City, VA
Conference Title
21st National Information Systems Security Conference (NISSC '98)

Keywords

access control, database management systems, DBMS, RBAC, Role-Based Access Control

Citation

Chandramouli, R. and Sandhu, R. (1998), Role-Based Access Control Features in Commercial Database Management Systems, Proceedings of the 21st National Information Systems Security Conference (NISSC '98), Crystal City, VA, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=916539 (Accessed December 3, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created October 9, 1998, Updated February 19, 2017