Negative Authorization

(redirected from Negative Authorizations)

Negative Authorization

A system that compares a credit card number to a list of lost or stolen numbers. When a credit card is used, the transaction will not be approved if the number matches a number on the list.
References in periodicals archive ?
--Support for positive and negative authorizations: Positive authorizations state those accesses that are to be allowed; negative authorizations state accesses to be denied.
The model supports positive and negative authorizations that can be either strong or weak.
Our model allows authorization exceptions to be specified at any level in a group hierarchy.(2) In particular, positive authorizations and negative authorizations can be specified at any level.
Section 9 surveys other authorization models supporting negative authorizations and group management.
Negative authorizations can be specified only on base tables.
Note that if the request is on a view table, function strong_auth() controls, beside the authorizations on the view, also the negative authorizations on the base tables underlying the view.
In addition to these temporal capabilities, the model supports both positive and negative authorizations. The capability of supporting explicit denials, provided by negative authorizations, can be used for specifying exceptions to positive authorizations and for supporting a stricter control in the case of decentralized authorization administration [Bertino et al.
Note that the possibility of expressing negative authorizations introduces potential conflicts.
The second condition in the preceding definition implies that negative authorizations have higher priority than their positive counterparts at the same instant.
In Step 5, the algorithm considers the dependencies caused by negative authorizations (Step 5.1) and by derivation rules (Steps 5.2 and 5.3), and possibly moves authorizations to higher levels.
1995] for view maintenance, and extend them to the consideration of negative authorizations. The maintenance algorithms we have developed for the periodic model are optimizations of the ones developed for the nonperiodic model [Bertino et al.
A second direction concerns the investigation and use of different resolution policies to solve conflicts between positive and negative authorizations. In the article we have assumed the use of the denials-take-precedence policy.