| With the rapid development of information and technology, database faces more serious security situation. As the center of storage and process for the important data, databases often become the targets of attacks. Research of the access control has been an important part in the field of database security, but the traditional access control technologies could not satisfy the requirements of modern database security.In this paper, we focus on the theories and implementations of access control in database, and we design and implement a security sub-system of NHSecure DBMS. The main work and research are listed as follows:⑴On the basis of traditional DAC mechanism research, we propose a double-authorization chain sets based access control (DACS) model, which supports 8 kinds of authorization management funtions including normal authorization and denial authorization, and have denial authorization mechanism and non-cascade revoking mechanism.⑵According to the definition and policies of DACS model, we design and implement the discretionary access control mechanism of NHSecure DBMS. And, we describe its'implementation in detail, such as the design of module structre, access privileges, authorization language, security data dictionary, authorization manage- ment policies and authorization arbitration policies.⑶We design and implement the mandatory access control mechanism of NHSecure DBMS, which is based on MLR model. And we mainly discuss the design of security levels, SQL statement extension, mandatory access control policies, module structre, data storage structre and the privileges for specific users. |
PDF Full Text Request