The semantically rich data models of object-oriented database management
systems (OODBMSs) are much more a challenge to achieve security than the
traditional (relational) models. Issues to be considered include inheritance
relationships and complex object aggregations as well as method executions.

In relational systems, views have their place as one important building block
of the security mechanism. They allow to derive and re-structure the schema
according to security requirements and also to implement content based
restrictions on database access.

The construction of derived schema elements and schema restructuring in order
to design subschemas as external models are also main goals of approaches
for view mechanisms in OODBMSs. While security is not the main focus of
those proposals, it seems equally promising to use them as implementation
means to achieve security like in the relational systems.

One of the newer and more powerful proposals for views in OODBMSs is our
approach named eXoT/C. It supports the derivation of external schemas from
the conceptual schema by means of a mapping specification. All security
requirements can be captured in the mapping itself. For the users of
external schemas this mechanism is transparent and there are no security
induced effects on the conceptual schema which would distort its semantics.

Through an example which takes into account all the important categories of
security constraints in OODBMSs we will investigate the suitability and
assess the usefulness of eXoT/C with respect to security issues.