Title: Data and Applications Security Developments and Directions
1Data and Applications Security Developments and
Directions
- Dr. Bhavani Thuraisingham
- The University of Texas at Dallas
- Lecture 10
- Security for Distributed Data Management
- February 10, 2005
2Outline
- Distributed Database Systems
- Architecture, Data Distribution, Functions
- Security Issues
- Discretionary Security, Multilevel Security
- Comments
- Assumption Network is secure focusing on
securing the data
3A Definition of a Distributed Database System
- A collection of database systems connected via a
network - The software that is responsible for
interconnection is a Distributed Database
Management System (DDBMS) - Each DBMS executes local applications and should
be involved in at least one global application
(Ceri and Pelagetti) - Homogeneous environment
4Architecture
5Distributed Processor
Network Interface
Distributed Query/Update Processor
Distributed Transaction Manager
Integrity/ Security Manager
Distributed Metadata Management
Local DBMS Interface
6Data Distribution
S
I
T
E
1
E
M
P
1
D
E
P
T
1
D
S
S
N
a
m
e
S
a
l
a
r
y
D
n
a
m
e
D
M
G
R
1
0
1
J
o
h
n
2
0
1
0
J
a
n
e
C
.
S
c
i
.
2
0
2
P
a
u
l
3
0
2
0
3
J
a
m
e
s
4
0
3
0
D
a
v
i
d
E
n
g
l
i
s
h
2
0
4
J
i
l
l
5
0
4
0
P
e
t
e
r
F
r
e
n
c
h
1
0
6
0
5
M
a
r
y
2
0
6
J
a
n
e
7
0
S
I
T
E
2
E
M
P
2
D
E
P
T
2
S
S
N
a
m
e
S
a
l
a
r
y
D
D
n
a
m
e
D
M
G
R
9
M
a
t
h
e
w
7
0
5
0
5
0
J
o
h
n
M
a
t
h
D
a
v
i
d
8
0
3
0
7
P
h
y
s
i
c
s
P
a
u
l
2
0
P
e
t
e
r
9
0
4
0
8
7Distributed Database Functions
- Distributed Query Processing
- Optimization techniques across the databases
- Distributed Transaction Management
- Techniques for distributed concurrency control
and recovery - Distributed Metadata Management
- Techniques for managing the distributed metadata
- Distributed Security/Integrity Maintenance
- Techniques for processing integrity constraints
and enforcing access control rules across the
databases
8Discretionary Security
- Architecture
- Discretionary Security Mechanisms
- Access Control
- Security Policy Integration
- Views for Security
- Secure Distributed Database Functions
9Secure Distributed Database System
- A collection of secure database systems (SDBMS)
connected via a secure network - The software that is responsible for
interconnection is a Secure Distributed Database
Management System (SDDBMS) - Each SDBMS executes local applications and should
be involved in at least one global application
(Ceri and Pelagetti) - Homogeneous environment
10Architecture
11Discretionary Security Mechanism
12Access Control Policies
13Security Policy Integration
14Views for Security
15Secure Distributed Database Functions
16Multilevel Security
- Aspects of MLS/DDBMS
- Architectures
- Data Model
- Functions
- Inference Control
17Aspects of MLS/DDBMS
18Architecture - I
19Architecture - II
20Architecture III
21Modules if SDP (Secure Distributed Processor)
DQP Distributed Query Processor DTM Distributed
Transaction Mangier DMM Distributed Metadata
Manager DSML Distributed Security Manager DIM
Distributed Integrity Manager
22Multilevel Distributed Data Model
23MLS/DDBMS Functions
24Distributed Inference Controller
25Discretionary Security Mechanism
26Comments
- Techniques for centralize data management have to
be extended for a distributed environment - Access control enforced across databases
- Inference control across databases
- Web will continue to impact the development of
secure distributed data managers - Network security is critical