Research And Implementation Of Unified Access Control Model In Multi-database System

Database Security is an important part of information security. Research on the database system security is valuable and has significant pratical meanings to the secunty assuarance of the information system as a whole. An multidatabase system(MDBS), based on network and database technologies, is a system that supports data sharing and integrating of a collection of pre-existing, heterogeneous, distributed local database systems. Adding a security module into MDBS is urgent when more and more system security problems come into notice. Because of the heterogeneity, distribution and autonomy of MDBS, the security mechanism in MDBS is much different to that in traditional database.We need to resolve the correspondence of the authority between global user and local user in MDBS, and how to efficiently integrate the different access control. So, we set up an application independent of role-based and unified access control model,which integrate the DAC,MAC and RBAC in a model. Meanwhile, we give the formal definition, the architecture, the operational rules and properties of the model. The model introduce the concept of the role of label and the classification of role, and replace the role of the original model by to show that makes managers and users in the allocation of authority when it is not necessary to consider the label among users, authorities and roles. The system can automatically delegate the suitable authority to the roles and users. Introduced the outer role, inner role and basic role, the model can not only realize Discretionary Access Control but also the Mandatory Access Control. In addition, it can facilitate the management.Meanwhile, we study that the role-based unified access control model how to adapt muli-database system security requirements.This model is applied to the global database system to achieve the the reunification of global database system and the local database system.By introducing maping relation between the global role and local role, as well as the management of the database users, authorities, safety labels to achieve the uniformity.In addition, we study the mapping methods and mechanisms between the global database access control system and the local database access control system, reaching multi-database access control system model and giving the work flow of this model. To verify the security of above theory research fruits, we develop a security...