E-Book, Englisch, 304 Seiten
Faragallah / El-Rabaie / El-Samie Multilevel Security for Relational Databases
Erscheinungsjahr 2014
ISBN: 978-1-4822-0540-4
Verlag: Taylor & Francis
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
E-Book, Englisch, 304 Seiten
ISBN: 978-1-4822-0540-4
Verlag: Taylor & Francis
Format: PDF
Kopierschutz: Adobe DRM (»Systemvoraussetzungen)
Since databases are the primary repositories of information for today’s organizations and governments, database security has become critically important. Introducing the concept of multilevel security in relational databases, this book provides a comparative study of the various models that support multilevel security policies in the relational database—illustrating the strengths and weaknesses of each model.
Multilevel Security for Relational Databases covers multilevel database security concepts along with many other multilevel database security models and techniques. It presents a prototype that readers can implement as a tool for conducting performance evaluations to compare multilevel secure database models.
The book supplies a complete view of an encryption-based multilevel security database model that integrates multilevel security for the relational database with a system that encrypts each record with an encryption key according to its security class level. This model will help you utilize an encryption system as a second security layer over the multilevel security layer for the database, reduce the multilevel database size, and improve the response time of data retrieval from the multilevel database.
Considering instance-based multilevel database security, the book covers relational database access controls and examines concurrency control in multilevel database security systems. It includes database encryption algorithms, simulation programs, and Visual studio and Microsoft SQL Server code.
Zielgruppe
Software engineers and researchers working on database security and development.
Autoren/Hrsg.
Weitere Infos & Material
Concepts of Database Security
Database Concepts
Relational Database Security Concepts
Access Control in Relational Databases Discretionary Access Control Mandatory Access Control Role-Based Access Control
Work Objectives
Book Organization
Basic Concept of Multilevel Database Security
Introduction
Multilevel Database Relations
Polyinstantiation Invisible Polyinstantiation Visible Polyinstantiation Types of Polyinstantiation Architectural Considerations in Supporting Polyinstantiation
Multilevel Database Security Models SeaView Model Jajodia–Sandhu Model Smith–Winslett Model MLR Model Belief-Consistent Multilevel Secure Data Model
Performance Study Experimental Database Structure Impact of Varying the Number of Tuples Impact of Varying the Number of Attributes Impact of Varying the Number of Security Levels Analysis of Experimental Results
Summary
Implementation of MLS /DBMS Models
Introduction
SeaView Model Selected Operation Procedure Insert Operation Procedure Update Operation Procedure Delete Operation Procedure
Jajodia–Sandhu Model Select Operation Procedure Insert Operation Procedure Update Operation Procedure Delete Operation Procedure
Smith–Winslett Model Select Operation Procedure Insert Operation Procedure Update Operation Procedure Delete Operation Procedure
Multilevel Relational (MLR) Model Select Operation Procedure Insert Operation Procedure Update Operation Procedure Delete Operation Procedure Uplevel Operation Procedure
Belief-Consistent Multilevel Secure Relational Data Model Basic Procedures for Operations Xview (Label) Procedure Pl (Label) Procedure Sl (Label) Procedure Ib (Label) Procedure Select Operation Procedure Insert Operation Procedure Verify Operation Procedure Update Operation Procedure Delete Operation Procedure
Comparative Study for Multilevel Database Models
Summary
Fundamentals of Information Encryption
Introduction
Basic Concepts of Cryptography Goals of Cryptography Principles of Encryption
Classification of Encryption Algorithms Classification according to Encryption Structure Classification according to Keys Classification according to Percentage of Encrypted Data
Cryptanalysis
Conventional Symmetric Block Ciphers Data Encryption Standard (DES) Double DES Triple DES International Data Encryption Algorithm (IDEA) Blowfish RC5 Algorithm RC5 Encryption Algorithm RC5 Decryption Algorithm RC5 Key Expansion RC6 Algorithm RC6 Encryption Algorithm RC6 Decryption Algorithm The Advanced Encryption Standard (AES)
Modes of Operation The ECB Mode The CBC Mode The CFB Mode The OFB Mode
Encryption-Based Multilevel Model for DBMS
Introduction
The Encryption-Based Multilevel Database Model
Manipulation The INSERT Statement The DELETE Statement The SELECT Statement The UPDATE Statement The UPLEVEL Statement
Performance Study Experimental Database Structure SELECT Query Impact of Varying the Number of Tuples Impact of Varying the Number of Attributes Impact of Varying the Number of Security Levels JOIN Query Impact of Varying the Number of Tuples Impact of Varying the Number of Attributes Impact of Varying the Number of Security Levels UPDATE Query
Analysis of Experimental Results
Summary
Formal Analysis for Encryption-Based Multilevel Model for DBMS
Introduction
The Encryption-Based Multilevel Model for DBMS Definition MLR Model Definition Encryption-Based Multilevel Model for DBMS Definition
Integrity Properties Entity Integrity Polyinstantiation Integrity Data-Borrow Integrity Foreign Key Integrity Referential Integrity
Manipulation The INSERT Statement The DELETE Statement The SELECT Statement The UPDATE Statement The UPLEVEL Statement
Soundness Case 1: In the INSERT Operation Case 2: In the DELETE Operation Case 3: In the UPDATE Operation Case 4: In the UPLEVEL Operation
Completeness
Security
Summary
Concurrency Control in Multilevel Relational Databases
Introduction
Related Work
Enhanced Secure Multiversion Concurrency Control Model
Performance Evaluation Workload Model System Model Experiments and Results
Correctness of the Enhanced Secure Multiversion Concurrency Control Model Proof of Correctness
Summary
The Instance-Based Multilevel Security Model
Introduction
The Instance-Based Multilevel Security Model (IBMSM) Definition 1: The Property View Definition 2: The Class View Definition 3: The Instance View at Classification Level Lj
The Advant address of IBMSM
The Select Operation Procedure of the IBMSM
Insert Operation Procedure of the IBMSM
The Update Operation Procedure of the IBMSM
The Delete Operation Procedure of the IBMSM
Comparative Study for Polyinstantiation Models
Summary
The Source Code
Introduction
Screen Shots of the Prototype
Source Code of the Microsoft SQL Server Source Code of the Data Security Classification Level Tables Source Code of the User Security Classification Levels Source Code of the Modifications to the Base Table Source Code of the View for Each Model of the Multilevel Relational Database Models
Source Code of the Microsoft Visual Studio C# Source Code of the Classes Source Code of the Login Form Source Code of the Queries Form Source Code of the Query Form Source Code of the Concurrency
Control Form
References
Index
