1. Rule-based RBAC with negative authorization;Al-Kahtani,2004

2. Implementing transaction control expressions by checking for absence of access rights;Ammann,1992

3. A logical framework for reasoning on data access control policies;Bertino,1999

4. A flexible authorization mechanism for relational data management systems;Bertino;ACM Transactions on Information Systems (TOIS),1999

5. An extended authorization model for relational databases;Bertino;IEEE Transactions on Knowledge and Data Engineering,1997