Dept. of Accounting, University of Massachusetts, Amherst, Massachusetts 01003, USA;Dept. of Accounting, Michigan State University, East Lansing, Michigan 48824, USA
Abstract:
This paper examines the problem of specifying database security controls in a manner such that the resulting segmentation of data and the patterns of access rights are consistent with traditional accounting concepts that govern segregation of duties. The mechanism we use for implementation of these controls in a relational accounting system is that of a “view” implemented on the Query-by-Example database management system. A number of examples are presented in detail and some further aspects of security and integrity constraints are discussed.