Protecting federated databases using a practical implementation of a formal RBAC policy

This paper describes the use of formally specified RBAC policies for protecting federated relational database systems that are accessed over a wide area network. The method that is described combines a formally specified RBAC policy with both temporal and locational constraints. It does not depend on any security mechanism supported by a specific DBMS and is thus portable across platforms