Verification of Database Transaction Lock Management in the Presence of Role Based Access Control Policy
In a computing environment where access to system resources is controlled by an access control policy and execution of database transactions is dictated by database locking policy, interaction between the two policies can result in constraints restricting execution of transactions. The authors present a methodology for the verification of database transaction requirements in a Role Based Access Control (RBAC) environment. Specifically, they propose a step by step approach for the extraction of implicit requirements of a database transaction, and present a mechanism whereby these requirements can be verified against an RBAC policy representation. Based on the requirements of database transaction, they define feasible states of the access control policy which allow the transaction to be executed.