[cap-talk] capabilities for databases and database-like systems

John Carlson john.carlson3 at sbcglobal.net
Wed Apr 6 01:42:19 EDT 2005


So, I was just ruminating about security for different types
of data structures over the last couple of days.   There is
reasonable security for tables stored in databases, usually
implemented with some kind of query language, like SQL.

So, how do we extend this security into the capability area?
The user could be given a capability to execute a particular
piece of SQL, say a select that pulls out a subset of columns
and rows out of a table.   The SQL could be parameterized
by placeholder variables that the user could set when the
capability is submitted to the database.

Inside the database, there could be a table with two columns,
one column would be the capability group, and the other would
be the rest of the capabilities assigned to the group.   So if I1
is the capability group, and C1, C2, C3 and C4 are other
capabilities, the Capabilities table would look like this:

Group   Capability
I1           C1
I1           C2
I1           C3
I1           C4

The user would be given a capability, C0, that could be stored
on a keyring, say on a memory stick.   The C0 capability would
have the SQL

Select Capability from Capabilities where Group = 'I1'

When executed, it would return the group of capabilities that
the user could then choose to submit to the database.

There are probably better ways to give the user this initial
capability, which I'm sure you are all aware of.

The point of this is that the query language defines the
syntax of a major portion of the capability, and a sentence
in the query language is what is protected by the capability.
The database will only accept queries that have a capability
associated with them.

Hopefully, this will extend the ideas of capabilities beyond
the typical OS arena.  There can be query languages
for Object Oriented Databases,  Product Data Management
Systems, Product Lifecycle Management Systems, XML
Databases etc. Anything that supports query sentences
and placeholder variables in a query language, in addition
to capabilities.

So if we standardize on some standard things in a capability,
like the sentence identifier and the substitution variables,
we can go a long way to actually implementing a system
that people can use.  I propose the example XML structure
to use to store this data:

<QUERY>
<SENTENCE>Select Group from Capabilities where Capability = :1</SENTENCE>
</QUERY>

The user would add the following example XML structure
to the capability to set the placeholder variable :1

<PARAMETER ID="1">C4</PARAMETER>

The sentence and parameter could be XML as well.  The
sentence could be stored in the database in the Capabilities
table, or in an underlying view not visible to the user.  The
user would have to know the type and number of parameters.

Does anyone see problems with this?

John Carlson
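
The scheme described in the post, sketched as an added example that is not part of the original message: each capability is an unguessable token that designates one stored sentence, the caller supplies only the token and `<PARAMETER>` values, and the values are bound rather than spliced into the SQL. The `mint`/`submit` names, the in-memory `sentences` store, the `<PARAMETERS>` wrapper element, the added `ORDER BY` and the use of SQLite (which writes the post's `:1` placeholder as `?1`) are assumptions made for the illustration.

```python
import secrets
import sqlite3
import xml.etree.ElementTree as ET

db = sqlite3.connect(":memory:")
# "Group" is a reserved word in SQL, so the column name is quoted.
db.execute('CREATE TABLE Capabilities ("Group" TEXT, Capability TEXT)')
db.executemany("INSERT INTO Capabilities VALUES ('I1', ?)",
               [("C1",), ("C2",), ("C3",), ("C4",)])

# Hypothetical server-side store: unguessable token -> (sentence, parameter count).
sentences = {}

def mint(sentence, nparams):
    """Register a sentence and return the capability token that designates it."""
    token = secrets.token_urlsafe(32)
    sentences[token] = (sentence, nparams)
    return token

def submit(token, parameters_xml="<PARAMETERS/>"):
    """Run the sentence a token designates; the caller never supplies SQL text."""
    if token not in sentences:
        raise PermissionError("no such capability")
    sentence, nparams = sentences[token]
    root = ET.fromstring(parameters_xml)
    values = {int(p.get("ID", "")): p.text or "" for p in root.iter("PARAMETER")}
    if sorted(values) != list(range(1, nparams + 1)):
        raise ValueError("wrong number or numbering of parameters")
    # Values are bound by the database driver, never spliced into the sentence.
    bound = [values[i] for i in range(1, nparams + 1)]
    return [row[0] for row in db.execute(sentence, bound)]

# C0 lists the group; LOOKUP is the post's parameterized sentence (":1" written "?1").
C0 = mint("SELECT Capability FROM Capabilities WHERE \"Group\" = 'I1' ORDER BY Capability", 0)
LOOKUP = mint('SELECT "Group" FROM Capabilities WHERE Capability = ?1', 1)

if __name__ == "__main__":
    print(submit(C0))
    print(submit(LOOKUP, '<PARAMETER ID="1">C4</PARAMETER>'))
    # Constructed hostile parameter: it is compared as a literal and matches nothing.
    print(submit(LOOKUP, "<PARAMETER ID=\"1\">C4' OR '1'='1</PARAMETER>"))
```

Because the sentence text lives only on the server side, a holder of `LOOKUP` can vary the parameter but cannot widen the query, and a request without a known token is refused before any SQL runs.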