The Gap: Assumption that Acess right = Retrievable data

The Gap: Assumption that Acess right = Retrievable data

• Access rights assume a certain partitioning of data
• Domain data are partioned accord to internal needs
• They only match in simple cases / artificial examples

database access &

authorization agent

source is rarely

perfectly

matched to all

access rights

customer

result

query

authentication

Gio Wiederhold TIHI Oct96 *

firewall

Previous slide

Next slide

Back to the first slide

View Graphic Version