Publication detail

Architecture of a universal relation data source for web applications with advanced access control and simplified migration

VRBA, V. CVRK, L. NOVOTNÝ, V. MOLNÁR, K.

Original Title

Architecture of a universal relation data source for web applications with advanced access control and simplified migration

Czech Title

Architektura univerzálního relačního datového zdroje pro webové aplikace včetně pokročilého řízení přístupu a zjednodušené migrace

English Title

Architecture of a universal relation data source for web applications with advanced access control and simplified migration

Type

conference paper

Language

en

Original Abstract

In enterprise systems many software operations over a database are implemented in a similar way. Systems always take care of correct storage of a data into appropriate tables, data integrity, multilingual support, locales, data validation etc. Data are often stored in a relational database management systems using SQL. SQL standard itself does not provide suitable support for wide range of operations which need to be implemented in almost all cases. Furthermore SQL implementation and triggers/stored procedures programming language differ between various systems. This leads to very difficult migration of software systems based on one database management system to another. Access control provided by the databases is not suitable for an application because users would be allowed to access a database but they must be allowed to access an application instead. Sometimes an application needs to design a more sophisticated access control system. This article deals with this topic and designs an architecture which universally solves all mentioned problem areas. Key benefits it brings are independency on any particular database management system, easy migration to another one and fast fully automatic low-level record based rights checking.

Czech abstract

V podnikových systémech je mnoho operací nad databází implementováno podobně. Systémy se vždy musí starat o správné uložení dat do příslušných tabulek, o datovou integritu, o podporu vícejazyčného prostředí, lokalizačních dat, o validaci dat apod. Data jsou většinou uložena v relačních databázových systémech za použití jazyka SQL. Standard SQL sám o sobě nenabízí dostatečnou podporu pro rozsáhlé množství operací, které jsou implementovány téměř ve všech případech. Navíc implementace SQL a programovacího jazyka triggerů a uložených procedur se liší mezi různými systémy. Toto vede k velmi obtížnému přenosu softwarových systémů založených na jednom databázovém systému na jiný. Řízení přístupu realizované databázemi není vhodné pro aplikaci, protože uživatelé by byli oprávněni přistupovat do databáze, ale přístup musí být povolen jen k aplikaci samotné.Občas aplikace potřebují sofistikovanější návrh systému řízení přístupu. Tento příspěvek se zabývá tímto tématem a navrhuje architekturu, která univerzálně řeší všechny zmíněné problémové oblasti. Klíčové přínosy jsou nezávislost na konkrétním databázovém systému, jednoduchý přenos na jinou databázi a rychlý, plně automatický systém ověřování přístupu uživatelů k datům až na úrovni jednotlivých řádků dat.

English abstract

In enterprise systems many software operations over a database are implemented in a similar way. Systems always take care of correct storage of a data into appropriate tables, data integrity, multilingual support, locales, data validation etc. Data are often stored in a relational database management systems using SQL. SQL standard itself does not provide suitable support for wide range of operations which need to be implemented in almost all cases. Furthermore SQL implementation and triggers/stored procedures programming language differ between various systems. This leads to very difficult migration of software systems based on one database management system to another. Access control provided by the databases is not suitable for an application because users would be allowed to access a database but they must be allowed to access an application instead. Sometimes an application needs to design a more sophisticated access control system. This article deals with this topic and designs an architecture which universally solves all mentioned problem areas. Key benefits it brings are independency on any particular database management system, easy migration to another one and fast fully automatic low-level record based rights checking.

Keywords

data source, access control, user rights, database, SQL, web applications

RIV year

2006

Released

29.10.2006

Publisher

IEEE Computer Society

Location

Papeete

ISBN

0-7695-2703-5

Book

International Conference on Software Engineering Advances

Edition

IEEE Computer Society

Edition number

1.

Pages from

1

Pages to

7

Pages count

7

BibTex


@inproceedings{BUT24865,
  author="Vít {Vrba} and Lubomír {Cvrk} and Vít {Novotný} and Karol {Molnár}",
  title="Architecture of a universal relation data source for web applications with advanced access control and simplified migration",
  annote="In enterprise systems many software operations over a database are implemented in a similar way. Systems always take care of correct storage of a data into appropriate tables, data integrity, multilingual support, locales, data validation etc. Data are often stored in a relational database management systems using SQL. SQL standard itself does not provide suitable support for wide range of operations which need to be implemented in almost all cases. Furthermore SQL implementation and triggers/stored procedures programming language differ between various systems. This leads to very difficult migration of software systems based on one database management system to another. 
Access control provided by the databases is not suitable for an application because users would be allowed to access a database but they must be allowed to access an application instead. Sometimes an application needs to design a more sophisticated access control system.
This article deals with this topic and designs an architecture which universally solves all mentioned problem areas. Key benefits it brings are independency on any particular database management system, easy migration to another one and fast fully automatic low-level record based rights checking.",
  address="IEEE Computer Society",
  booktitle="International Conference on Software Engineering Advances",
  chapter="24865",
  edition="IEEE Computer Society",
  institution="IEEE Computer Society",
  year="2006",
  month="october",
  pages="1",
  publisher="IEEE Computer Society",
  type="conference paper"
}