Browser unable to execute script; please use the site map to navigate the site.

DISCO: A Discretionary Security Model for Object-oriented Databases

Olivier and von Solms


(Citation)Citation information

M. S. Olivier and S. H. von Solms. “DISCO: A Discretionary Security Model for Object-oriented Databases”. In: IT Security: The Need for International Cooperation. Ed. by G. G. Gable and W. J. Caelli. Elsevier, 1992, pp. 345–357


This paper proposes a discretionary security model for object-oriented databases. Entities in the database are protected by capabilities. A subject that possesses a capability is authorised to access the corresponding entity. Additionally, under certain conditions, a subject may pass the capability on to another subject, authorising this other subject to access the protected entity. Passing the capability on to another subject is done at the first subject’s discretion, hence the term ¡em¿discretionary¡/em¿ security.

The object-oriented model has a rich variety of entities with relationships between such entities. A subject that passes a capability on to another subject may (inadvertently) authorise the second subject to access more entities than intended. We describe the restrictions that apply to the transfer of capabilities to safeguard against such an unintended disclosure of information.

Revoking of capabilities also have major implications: if a capability is revoked, it is possible that the user may still make inferences about the protected information. We consider the restrictions that should apply to revocation of capabilities.

The model also indicates how the transfer of capabilities (and transfer of ownership) may be included in methods of a protected object. If such transfers are included in methods, the freedom of a subject to transfer capabilities to other subjects are limited to the extent determined by the method. This corresponds to the general object-oriented philosophy that the manipulation of data encapsulated in the object is restricted to such manipulation permitted by the (encapsulated) methods.

(Full text; password required)Full text

A pre- or postprint of the publication is available at
Note that a username and password are required to download the full text. (Why?) Please e-mail me and I will send you a username and password.

(Authoritative version on publisher's site)Definitive version

The definitive version of the paper is available from the publisher.

(BibTeX record)BibTeX reference

author={Martin S Olivier and von Solms, Sebastiaan H},
title={DISCO: A Discretionary Security Model for Object-oriented Databases},
editor={G G Gable and W J Caelli},
booktitle={IT Security: The Need for International Cooperation},
year={1992} )