With the increasing popularity of computers, more and more data is being stored in relational databases. Information stored in databases is routinely accessed through the Internet. Users can access data stored in databases with personal computers (PCs), handheld computers, smart-phones, and the like. Relational databases organize data in the form of user tables that are further congregated into collections referred to as schemas. A database is often a self-contained unit of schemas and other objects and is often a domain of administration.
Tabular data is queried from a database using an ISO/ANSI (International Organization for Standardization/American National Standards Institute) standard language called SQL (Structured Query Language). Authorization is a process by which a database management system (DBMS) discriminates access to such tables.
Both commercial (e.g., Oracle-brand, Sybase-brand, DB2-brand) and non-commercial (e.g., Exodus-brand, Postgres-brand) database management systems (DBMSs) are utilized to provide for authorization to such resources. However, mechanisms are not provided that allow for the specification of a generic uniform authorization model.
ISO/ANSI SQL specifies a dialect to provision security on objects defined in the standard, such as tables and user-defined types. Thus, conventional DBMS are complex and consist of a variety of additional types of objects not defined in the ISO/ANSI standard. In addition, these objects are related to one another in complex ways.
Therefore, what is needed is a specification and implementation of extensions to the SQL language both syntactically and semantically to accommodate the definition of authorization rules in DBMS.