In database applications, access control is aimed at
supervising users’ requests to access sensitive data. Users’
requests are mainly formalized by Create, Read, Update and
Delete (CRUD) expressions. The supervision process can be
formalized at a high level, such as based on the RBAC model, but in the end the relevant aspect is the data being accessed through each CRUD expression. In critical database applications access control can be enforced not on a CRUD by CRUD basis but
enforced at the level of sequences of CRUD expressions (workflow). This situation can occur whenever established
security policies are based on strict procedures that define step by step the actions (sequences of CRUD expressions) to be followed. Current RBAC models do not support this type of security policies. To overcome this security gap, we leverage previous researches to propose an extension to the RBAC model to control for each role which sequences of CRUD expressions are authorized. We demonstrate empirical evidence of the
effectiveness of our proposal from a use case based on Java and
JDBC. Our use case is based on typed security layers built from a software architectural model and also from metadata based on the proposed RBAC model extension.