Database Security *)
GÜNTHER PERNUL
Institut für Angewandte Informatik und Informationssysteme
Abteilung für Information Engineering
Universität Wien
Vienna, Austria
1. Introduction
1.1 The Relational Data Model Revisited
1.2 The Vocabulary of Security and Major DB Security Threats
2. Database Security Models
2.1 Discretionary Security Models
2.2 Mandatory Security Models
2.3 Adapted Mandatory Access Control Model
2.4 Personal Knowledge Approach
2.5 Clark and Wilson Model
2.6 A Final Note on Database Security Models
3. Multilevel Secure Prototypes and Systems
3.1 SeaView
3.2 Lock Data Views
3.3 ASD_Views
4. Conceptual Data Model for Multilevel Security
4.1 Concepts of Security Semantics
4.2 Classification Constraints
4.3 Consistency and Conflict Management
4.4 Modeling the Example Application
5. Standardization and Evaluation Efforts
6. Future Directions in Database Security Research
7. Conclusions
References
1. Introduction
Information stored in databases is often considered a valuable and important corporate resource. Many organizations have become so dependent on the proper functioning of their systems that a disruption of service or a leakage of stored information may cause outcomes ranging from inconvenience to catastrophe. Some corporate data may relate to financial records; other data may be essential for the successful operation of an organization, may represent trade secrets, or may describe information about persons whose privacy must be protected. Thus, the general concept of database security is very broad and entails such things as moral and ethical issues imposed by the public and society, legal issues where control is legislated over the collection and disclosure of stored information, or more technical issues such as how to protect the stored information from loss or unauthorized access, destruction, use,
*) Advances in Computers, Vol. 38. M. C. Yovits (Ed.), Academic Press, 1994, pp. 1 - 74.
References: concepts consult the surveys by Jajodia and Sandhu (1990a), Lunt and Fernandez (1990), or Denning (1988) consult the annotated bibliography by Pernul and Luef (1992).