Abstract
Role-based Access Control (RBAC) provides access control based on permissions associated with roles and simplifies the management of permissions. Among commercial software applications, database management systems (DBMSs) provide access control at several levels of granularity and many have already applied RBAC. Object-Relational Databases (ORDB) integrate an object model with the relational model and its basic goal is to bridge the gap between relational databases and the object-oriented modeling techniques used in programming languages such as Java. In this project, a general pattern called ORDB-RBAC is designed to utilize Role-based Access Control (RBAC) in Object-Relational databases in order to develop secured software applications. This pattern is reusable for most applications, which requires access control. Access control is designed at database level instead of application level, which greatly reduces programming efforts for application developers. In this pattern, I provide how resources like users, protected objects, which are in the applications, map to RBAC standard model. Then I used a case study of software management to illustrate our approach. I implemented the case study by using Oracle database 11g express edition as the Object-relational Database Management Systems.