Although Role-Based Access Control (RBAC) is a common security model currently, it has not been systematically applied in databases. In this paper, we propose a framework that enforces RBAC based on dynamic query rewriting. This framework grants privileges to data based on an intersection of roles, database structures, content, and privileges. All of this is implemented at the database level, which also offers a centralized location for administering security policies. We have implemented the framework within a healthcare setting.
Jarman, Jay; McCart, James A,; Berndt, Donald; and Ligatti, Jay, "A Dynamic Query-Rewriting Mechanism for Role-Based Access Control in Databases" (2008). AMCIS 2008 Proceedings. 134.