Implementing access control for queries to a content management system
作者: Rupa Bhaghavan , Randal James Richardt , Tawei Hu , Kenneth Carlin Nelson
DOI:
关键词: User-defined function 、 Business Intelligence Markup Language 、 In-Memory Processing 、 Stored procedure 、 Database 、 Operating system 、 Computer science 、 Query by Example 、 Language Integrated Query 、 Data Transformation Services 、 SQL injection
摘要: A system to generate an SQL sub-expression that implement access control rules stored in a library server. The is then merged with the passed from application program interface (API). checking mechanism implemented on server side of content management system. In this client/server environment, query statement built two layers: API (client) layer and layer. sends string underlying procedure. procedure generates logic based configuration parameters This dynamically added sent by API. prepares, builds executes new as dynamic statement.
google.com.na 参考文章(61)
Peter T. Brundrett, Clifford P. Van Dyke, Praerit Garg, Michael M. Swift, Richard B. Ward, Per property access control mechanism ,(1998)
Frederick Thomas Sharp, I-Shin Andy Wang, Kehsing J. Chou, Jy-Jine James Lin, Stored procedure universal calling interface ,(1996)
Lucinio Santos-Gomez, Integration of procedural and object-oriented user interfaces ,(1998)
Mir Hamid Pirahesh, Gerald Herman Roth, Frederick Thomas Sharp, I-Shin Andy Wang, Tak Ming Lo, John Shek-Luen Ng, System, method and computer program product for passing host variables to a database management system ,(1995)
Otto Muller, Apparatus for stack control employing mixed hardware registers and memory ,(1988)
Melvin R. Zimowski, Curt L. Cotner, Peter K. L. Shum, System and method for efficiently processing diverse result sets returned by a stored procedures ,(1995)
John Weisz, Apparatus and method for pickling data ,(1997)
Ray Freiwirth, Eric Maloney, Method and system for dynamic interactive queries ,(2001)