Trust Management and Trust Negotiation in an Extension of SQL
Scott D. Stoller

Security policies of large organizations cannot be expressed in the access control policy language defined by the SQL standard and provided by widely used relational database systems, because that language does not support the decentralized policies that are common in large organizations. Trust management frameworks support decentralized policies but generally have not been designed to integrate conveniently with databases. This paper describes a trust management framework for relational databases. Specifically, this paper describes a SQL-based policy language with support for certificate discovery and trust negotiation, a portable system architecture, and a large case study based on an existing realistic policy for electronic health records.