Research On Multi-Policy Secure Database System

Posted on:2006-10-31

Degree:Doctor

Type:Dissertation

Country:China

Candidate:Z Xu

Full Text:PDF

GTID:1118360152487495

Subject:Computer application technology

Abstract/Summary:

PDF Full Text Request

Information is now important strategic resources of human beings, so it's doomed to face more and more attacks. Database systems play a key role in the storage and processing of information and are vital parts of the overall information security architecture. Nowadays, the diversification of computing enviroments, security threats and organization policies demands database systems's ability of supporting multiple security policies. According to it, this thesis conducts a series of research and has obtained the following principle achievements:1. A flexible multiple security policy supporting database system architecture (MSDA) is presented, according to the requirements and the analysis on its implementation in LOIS SDBMS v3.0 is given. MSDA not only solves the problem of fine-grained access control and controlled access mechanisms, but also minimizes the influence on the original system structure and system performance.2. According to the requirements brought out by MSDA, a DBMS-oriented access control model (DACM) is presented, which is based on the adaptation research of RBAC model. DACM focus on enriching RBAC model by adopting access control context and solves the problem of violating the principle of least privilege.3. A constrained role-based delegation model (CRDM) is presented. This model, which supports temporary constraints and regular role dependency constraints, alleviates the management burden of the separation of access control model and its management, and enriches the express power of role-base delegation model.4. A dynamic security attributes revocation enabled database system framework is figured out. Its main components are specified using pseudo code. Formal transaction model of its transaction system is given and its property of supporting dynamic security attributes revocation and serializability of the history of well-formed transactions is proven.In summary, this thesis improves the research of multi-policy secure database systems and built the foundation for the development of such database systems.

Keywords/Search Tags:

Multi-policy framework, secure database system, security policy, security model

PDF Full Text Request

Related items

1	Research On Policy Framework And Some Of Its Key Technologies For Network Security Management
2	The Research On Secure Management System And Its Secure Policy
3	Research On Automatic Generation Mechanism For Security Policy Based On Trusted Computing
4	Study On Secure Database And Its Application
5	Design And Application Research Of Secure Operating System Hybrid Multiple Policy Model
6	Research On And Enforcement Of Secure Operating System Supporting Multiple Security Policy
7	Research On Commercial Security Policy And Its Formal Analysis
8	Research On Technology Of Security Policy Transformation
9	Research On The Framework For Multi-Policies And Practice In Secure Operating System
10	Security Policy Formal Definition And Management System