The Gap: Assumption that Acess right = Retrievable data

• Access rights assume a certain partitioning of data

• Domain data are partioned accord to internal needs

• They only match in simple cases / artificial examples

database access &

authorization agent

source is rarely

perfectly

matched to all

access rights

customer

result

query

authentication

Gio Wiederhold TIHI Oct96 *

firewall

Previous slide

Next slide

Back to first slide

View graphic version