The Gap: Assumption that Acess right = Retrievable data

• Access rights assume a certain partitioning of data

• Domain data are partioned accord to internal needs

• They only match in simple cases / artificial examples

database access &

authorization agent

data sources are

rarely perfectly

matched to all

access rights

customer

result

query

authentication

firewall

Previous slide

Next slide

Back to first slide

View graphic version