Computer Science CSC 405 Introduction to Computer Security Topic 6.2 Multi-Level Databases.

Slides:



Advertisements
Similar presentations
Rasool Jalili; 2 nd semester ; Database Security, Sharif Uni. of Tech. The Jajodia & Sandhu model Jajodia & Sandhu (1991), a model for the application.
Advertisements

Information Security Principles & Applications
Database Systems: A Practical Approach to Design, Implementation and Management International Computer Science S. Carolyn Begg, Thomas Connolly Lecture.
Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.
Physical Database Monitoring and Tuning the Operational System.
Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.
Chapter 4 Relational Databases Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 4-1.
CSC 2720 Building Web Applications Database and SQL.
Last time Finish OTR Database Security Introduction to Databases
Chapter 17 Methodology – Physical Database Design for Relational Databases Transparencies © Pearson Education Limited 1995, 2005.
Chapter 4 Relational Databases Copyright © 2012 Pearson Education 4-1.
Team Dosen UMN Physical DB Design Connolly Book Chapter 18.
SE571 Security in Computing
IST Databases and DBMSs Todd S. Bacastow January 2005.
Introduction to Data bases concepts
Secure Data Architectures
IT 221: Introduction to Information Security Principles Lecture 11: Database Security For Educational Purposes Only Revised: November 13, 2002.
CS462: Introduction to Database Systems. ©Silberschatz, Korth and Sudarshan1.2Database System Concepts Course Information Instructor  Kyoung-Don (KD)
CSC271 Database Systems Lecture # 6. Summary: Previous Lecture  Relational model terminology  Mathematical relations  Database relations  Properties.
Lecture 2 The Relational Model. Objectives Terminology of relational model. How tables are used to represent data. Connection between mathematical relations.
DATABASE MANAGEMENT SYSTEMS BASIC CONCEPTS 1. What is a database? A database is a collection of data which can be used: alone, or alone, or combined /
DATABASE MANAGEMENT SYSTEMS BASIC CONCEPTS 1. What is a database? A database is a collection of data which can be used: alone, or alone, or combined /
Chapter 6 – Database Security  Integrity for databases: record integrity, data correctness, update integrity  Security for databases: access control,
Chapters 17 & 18 Physical Database Design Methodology.
STORING ORGANIZATIONAL INFORMATION— DATABASES CIS 429—Chapter 7.
Database Security And Audit. Databasics Data is stored in form of files Record : is a one related group of data (in a row) Schema : logical structure.
Database Security John Ortiz. Lecture 23Database Security2 Secure Passwords  Two main requirements for choosing a secure password:  1) MUST be easy.
Lecture 9 Methodology – Physical Database Design for Relational Databases.
Chapter 6 – Database Security  Integrity for databases: record integrity, data correctness, update integrity  Security for databases: access control,
Sensitive Data  Data that should not be made public  What if some but not all of the elements of a DB are sensitive Inherently sensitiveInherently sensitive.
 DATABASE DATABASE  DATABASE ENVIRONMENT DATABASE ENVIRONMENT  WHY STUDY DATABASE WHY STUDY DATABASE  DBMS & ITS FUNCTIONS DBMS & ITS FUNCTIONS 
Secure Cloud Database using Multiparty Computation.
Polyinstantiation Problem
1 Polyinstantiation. 2 Definition and need for polyinstantiation Sea View model Jajodia – Sandhu model.
Physical Database Design Chapter 6. Physical Design and implementation 1.Translate global logical data model for target DBMS  1.1Design base relations.
1 Adapted from Pearson Prentice Hall Adapted form James A. Senn’s Information Technology, 3 rd Edition Chapter 7 Enterprise Databases and Data Warehouses.
Chapter 16 Methodology – Physical Database Design for Relational Databases.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #4 Multilevel Secure Database.
Normalization (Codd, 1972) Practical Information For Real World Database Design.
Databases Collections of data. Set of rules to organize data. Types ◦ Relational: use (rows) & columns to organize. ◦ Object oriented: complex data (audio,
Lecture2: Database Environment Prepared by L. Nouf Almujally & Aisha AlArfaj 1 Ref. Chapter2 College of Computer and Information Sciences - Information.
Next-generation databases Active databases: when a particular event occurs and given conditions are satisfied then some actions are executed. An active.
1 Chapter 1 Introduction. 2 Introduction n Definition A database management system (DBMS) is a general-purpose software system that facilitates the process.
DATABASE SECURITY MODULE 5.
10/10/2012ISC239 Isabelle Bichindaritz1 Physical Database Design.
CHAPTER 5 Database Security 1. Objectives  Explain briefly the concept of databases  Identify the security requirement of the databases  List and explain.
Database Security Outline.. Introduction Security requirement Reliability and Integrity Sensitive data Inference Multilevel databases Multilevel security.
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Multilevel Secure Data Management.
Database Management COP4540, SCS, FIU Physical Database Design (2) (ch. 16 & ch. 6)
Methodology – Physical Database Design for Relational Databases.
Database Fundamentals CSC105 Furman University Peggy Batchelor.
Programming Logic and Design Fourth Edition, Comprehensive Chapter 16 Using Relational Databases.
INTRODUCTION lecture1 1. Data base concept Data is a meaningless static value. What does 3421 means? Information is the data you process in a manner that.
Computer Science and Engineering Computer System Security CSE 5339/7339 Session 23 November 9, 2004.
Database and Information Management Chapter 9 – Computers: Understanding Technology, 3 rd edition.
Archictecture for MultiLevel Database Systems Jeevandeep Samanta.
1 CS 430 Database Theory Winter 2005 Lecture 7: Designing a Database Logical Level.
Logical Design 12/10/2009GAK1. Learning Objectives How to remove features from a local conceptual model that are not compatible with the relational model.
Al-Imam University Girls Education Center Collage of Computer Science 1 st Semester, 1432/1433H Chapter 10_part 1 Functional Dependencies and Normalization.
1 Information Retrieval and Use De-normalisation and Distributed database systems Geoff Leese September 2008, revised October 2009.
Database Security Database System Implementation CSE 507 Some slides adapted from Navathe et. Al.
CSCI-235 Micro-Computers in Science Databases. Database Concepts Data is any unorganized text, graphics, sounds, or videos A database is a collection.
Database System Implementation CSE 507
Physical Changes That Don’t Change the Logical Design
Building Trustworthy Semantic Webs
Chapter 4 Relational Databases
Chapter 8 Data Base Security
Database Security (Chapter 8, Sections 4-7)
Building Trustworthy Semantic Webs
Chapter 3 The Relational Model
Presentation transcript:

Computer Science CSC 405 Introduction to Computer Security Topic 6.2 Multi-Level Databases

Computer Science MAC in DBMS Attribute values and tuples are considered as objects –Each attribute A is associated with a classification attribute C (the label) –In some models, a tuple classification attribute TC is added to the relation –Example: Employee (SSN, Name,Salary, Performance)  Employee (SSN, C SSN, Name, C Name, Salary, C Salary, Performance, C Performance, TC) Such a relation is called a multi-level relation

Computer Science SSN C S Name C N Salary C S Performance C P TC USmith U40000 CFair SS CBrown C80000 SGood CS Employee SSN C S Name C N Salary C S Performance C P TC USmith U40000 CNull CC CBrown CNull CGood CC Employee (What class C users’ see) SCUSCU SSN C S Name C N Salary C S Performance C P TC USmith UNull U U Employee (What class U users’ see)

Computer Science MAC in DBMS (Cont’d) Employee (SSN, C SSN, Name, C Name, BDate, C BDate, Salary, C Salary, TC) Primary key: –The set of attributes that can uniquely identify each tuple. Apparent key: –The set of attributes that would have formed the primary key in a regular (single-level) relation.

Computer Science Polyinstantiation Several tuples can have the same apparent key value but have different attribute values for users at different classification levels. ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager UExplore UMoon CC Enterprise CExplore CMars SS Mission

Computer Science Is this possible? What could be the real key? ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager UExplore UMoon CC Enterprise CExplore CMars SS Mission

Computer Science What if? What could be the real key? Mission ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager Uexplore CMars SS Voyager UExplore UMoon CC Enterprise CExplore CMars SS

Computer Science UPDATE Mission SET Mission = ‘Explore’, Target = ‘Moon’ WHERE ShipID = ‘Voyager’ Class C user: ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Enterprise CExplore CMars SS Mission ShipID C S Mission C M Target C T TC Voyager UNull C C Enterprise CExplore CNull CC Class C user sees

Computer Science After Update Mission What should be returned to a class C user? How about a class S user? What is the general method? ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Enterprise CExplore CMars SS

Computer Science Mission ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager UAttack CMars SS Voyager UExplore UMoon CC Enterprise CExplore CMars SS What to return to Class C user?

Computer Science Mission ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager UAttack CMars SS Voyager UExplore SMoon CS Enterprise CExplore CMars SS What to return to Class C user?

Computer Science Integrity Constraints for Multi-level relations Entity integrity –All attributes that are members of the apparent key must not be null and must have the same security class. –All other attribute values in the tuple must have a security class greater than or equal to that of the apparent key –Purpose: make the retrieved information meaningful. Null integrity –If a tuple value at some security level can be derived from a higher-level tuple, then it’s sufficient to store the higher- level tuple. –Purpose: Reduce redundancy

Computer Science Approaches to Multi-level Databases Partitioning Encryption Integrity lock Trusted Front-End Distributed Databases

Computer Science Partitioning Separate data in different levels into different partitions. –Redundancy Example: the primary key of a logical relation must be duplicated in all partitions in which the relation are stored. –Usability Example: a high-level user needs to combine both high- level and low-level data.

Computer Science Encryption Encrypt the sensitive data at each level with a key unique to that level. –Known plaintext attack Example: –Party attribute is encrypted. –Alice knows party=“Democrat” for Bob; she can compare the ciphertext of Bob’s party attribute with other tuples Reason: Limited set of plaintexts. –Authentication Example: –Replace one ciphertext with another –Above problems can be partially avoided with multiple keys. –Unable to use DBMS functionalities for encrypted data. Query optimization, indexes, etc.

Computer Science Secret AgentTS10FB Data Security classCrypto checksum Any unauthorized changes to data items can be detected. Access to data items is based on the security labels. Encryption Function Key Integrity Lock Provide integrity and limited access for a database.

Computer Science Integrity Lock DBMS Problems –Efficiency Data expansion Processing time required for generating, modifying, and verifying integrity locks –Security Untrusted DBMS sees all data passing through it. Untrusted DBMS Trusted Access Controller Sensitive Database Users

Computer Science Trusted Front End –User authentication –Access control –Verification –Essentially a reference monitor Untrusted DBMS Trusted Access Controller Sensitive Database Users Trusted Front End

Computer Science Trusted Front End (Cont’d) Commutative Filters –Processes that interfaces to both the user and the DBMS. –Reformat the query by putting in more conditions to filter out unnecessary records. –Example: Retrieve NAME where ((Occup= Physicist) ^ (City =WashDC)) From all records R After reformatting Retrieve NAME where ((Occup= Physicist) ^ (City =WashDC)) From all records R where (Name-level (R) <= User-level) ^ (Occup-level (R) <= User-level) ^ (City-level (R) <= User-level)

Computer Science Distributed Databases Store data items at different level in different physical databases Trusted front-end translates each query into single-level queries and send to different databases Trusted front-end combines results and returns to the user. High-level Untrusted DBMS Users Trusted Front End Low-level Untrusted DBMS

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.