JTAM - A Joint Threshold Administration Model

Abstract

We propose a Joint Threshold Administration Model (JTAM) for performing certain critical and sensitive database operations such as user/role permission assignment, user/role creation, and so forth. The key idea is that a JTAM enabled operation is incomplete unless it is authorized by at least k - 1 additional DBAs. We present the design details of JTAM based on a cryptographic threshold signature scheme. We implement JTAM in the PostgreSQL DBMS, and demonstrate the execution of the JTAM enabled SQL GRANT command. We also show how to prevent malicious modifications to the JTAM enabled operations.