| This thesis presents a design and implementation of a security subsystem based on Clark Wilson model (SSBCWM). The SSBCWM involves password protection, triggers and improved physical storage mechanism, which combined together to give more integrity to enhance security performance. Among these. password protection restricts users' right for database operation, designed triggers set and activate different security levels and improved physical storage mechanism which in turn decreases the risks of database caused by media failure.The SSBCWM works with a kind of three-tier client server architecture, when the companies need to use this architecture in LAN, WAN or Internet through browser server architectures it makes the system friendlier and even much easier to use. The SSBCWM gives the top management and the administrator's full reports about the users to the system and each and every step as well. Furthermore, in the end. these reports are available according to the requirements needs, such as yearly. monthly, weekly or even daily reports.One of the main key objectives of the security model is to monitor and control who accesses which objects. It controls not only which object can access which objects but also how they may be accessed. According to the design, each user has a unique security ID (SID). So that when a user logs on, the security subsystem creates a security access token. This includes a security ID for the user, other security IDs for the groups to which the user belongs to. plus other extra information such as the user's name and the groups to which that user belongs. It is worth saying that in the system menus, every group and user has different privileges and accessing limitation depending on the ranks of that menu in the database management system itself.This thesis focuses on security issues associated with building a three-tier system for access to an Oracle database. It discusses the problems which companies building three-tier systems face, and the solutions which Oracle offers through Oracle8i. Although security is one of the reasons for moving to a three-tier architecture for enterprise access, there are many practical security challenges which arise in designing a three-tier-system. These include assuring user authentication, controlling user access, auditing user actions, protecting data security between tiers, limiting privilege of the middle tier, managing identities across tiers, and building scalable systems.The security subsystem was developed to solve these problems based on its predecessor. Its goal is to respond to the user's specific questions as effectively and as accurately as possible by using three main points1. At the time of creating the database tables we have to build the constraints and make the design more powerful and strong.2. By creating various users' accounts and giving them privileges according to what we need in the database system that will make the system effective.3. By building the triggers inside ORACLE 8i database and the forms 6i in the developer 2000 together, the security subsystem will be more secure.Implementation of the security subsystem in a payroll database and the heritage database has proved its effectiveness and reliability. Besides having all the advanced features of its predecessor, such as open database connectivity, the Payroll Management System and the Heritage Management System are the ideal examples of how (SSBCWM) gives additional security to the entire system. In this, the security of the Payroll Management System and the Heritage Management System are enhanced by the use of SSBCWM. Subsequently, Security subsystem is very crucial for the enhancement of any database management system and if applied, it makes more powerful secured systems by controlling the tables, fields and the items, secure access control, table locking for concurrent transaction and easy-to-use methods for data operation through a user-friendly interface. In addition, it is also easier to make full reports to be available to top managemen...
|
PDF Full Text Request