Database Security

28570 Words Aug 20th, 2008 115 Pages
Database Security
Institut für Angewandte Informatik und Informationssysteme
Abteilung für Information Engineering
Universität Wien
Vienna, Austria
1. Introduction
1.1 The Relational Data Model Revisited
1.2 The Vocabulary of Security and Major DB Security Threats
2. Database Security Models
2.1 Discretionary Security Models
2.2 Mandatory Security Models
2.3 Adapted Mandatory Access Control Model
2.4 Personal Knowledge Approach
2.5 Clark and Wilson Model
2.6 A Final Note on Database Security Models
3. Multilevel Secure Prototypes and Systems
3.1 SeaView
3.2 Lock Data Views
3.3 ASD_Views
4. Conceptual Data Model for Multilevel Security
4.1 Concepts of Security Semantics
4.2 Classification Constraints
4.3 Consistency
Authorization policies therefore govern the disclosure and modification of information. Access controls are procedures that are designed to control authorizations. They are responsible for limiting access to stored data to authorized users only.
· Integrity, Consistency
An integrity policy states a set of rules (i.e., semantic integrity constraints) that define the correct states of the database during database operation and can therefore protect against malicious or accidental modification of information. Concurrency control and recovery are closely related to integrity and consistency. Concurrency control policies protect the integrity of the database in the presence of concurrent transactions. If these transactions do not terminate normally due to system crashes or security violations, recovery techniques are used to reconstruct correct or valid database states.
· Auditing
The requirement to keep records of all security-relevant actions issued by a user is called auditing. The resulting audit records are the basis for further reviews and examinations in order to test the adequacy of system controls and to recommend any changes in the security policy.
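The following sketch is an added example, not part of the original chapter. It shows the requirements above (access control, integrity with recovery, auditing) on an in-memory SQLite database using Python's sqlite3 module. The account table, the users teller and auditor, and the GRANTS policy are constructed for illustration.

```python
import sqlite3

# Actions the authorizer mediates; other callbacks (e.g. transaction control) pass.
GUARDED = {sqlite3.SQLITE_READ: "READ", sqlite3.SQLITE_UPDATE: "UPDATE",
           sqlite3.SQLITE_INSERT: "INSERT", sqlite3.SQLITE_DELETE: "DELETE"}
# Constructed authorization policy: permitted (user, action, table) triples.
GRANTS = {("teller", "READ", "account"), ("teller", "UPDATE", "account"),
          ("auditor", "READ", "account")}

def open_db():
    con = sqlite3.connect(":memory:")
    # Semantic integrity constraint: no account may hold a negative balance.
    con.execute("CREATE TABLE account (owner TEXT PRIMARY KEY,"
                " balance INTEGER NOT NULL CHECK (balance >= 0))")
    con.executemany("INSERT INTO account VALUES (?, ?)", [("ann", 100), ("bob", 50)])
    con.commit()
    return con

def run(con, user, statements, audit):
    """Run statements as one transaction on behalf of user; return the outcome."""
    def authorizer(action, table, _column, _db, _source):
        if action not in GUARDED:
            return sqlite3.SQLITE_OK
        allowed = (user, GUARDED[action], table) in GRANTS
        # Auditing: record every mediated access decision, granted or refused.
        audit.append((user, GUARDED[action], table, "allow" if allowed else "deny"))
        return sqlite3.SQLITE_OK if allowed else sqlite3.SQLITE_DENY
    con.set_authorizer(authorizer)
    try:
        with con:  # commits on success, rolls back if any statement fails
            for sql, params in statements:
                con.execute(sql, params)
        return "ok"
    except sqlite3.IntegrityError:
        return "integrity violation"
    except sqlite3.DatabaseError:  # SQLITE_DENY surfaces as DatabaseError
        return "not authorized"
    finally:
        con.set_authorizer(lambda *args: sqlite3.SQLITE_OK)

def transfer(con, user, src, dst, amount, audit):
    # Credit first, so a refused debit leaves a partial update for recovery to undo.
    return run(con, user, [
        ("UPDATE account SET balance = balance + ? WHERE owner = ?", (amount, dst)),
        ("UPDATE account SET balance = balance - ? WHERE owner = ?", (amount, src)),
    ], audit)

def balances(con):
    return dict(con.execute("SELECT owner, balance FROM account ORDER BY owner"))
```

A transfer that would overdraw the source account is refused by the CHECK constraint, and the rollback also undoes the credit already applied to the destination, so the database returns to its last valid state.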
This chapter does not take such a broad perspective of database security.
Instead, the main focus is on aspects related to authorization and access controls. This is legitimate because identification, authentication, and
