Study Of The Multi-Policy Secure Database System

This paper aims at database security which is a hot topic of information security at present. The database is the most important part of information system and it play an important role. But, the shortage of database brings threatens to the system. These include:①Bad management of privilege: the management of priviledge in most database is discretionary. The owner of the object grant the priviledge to the user and by so the user get the operating privildge. This may results in a dangerous situation in that some users own too many priviledges, which is not secure.②The flat property of relation: The relation of most database if flat. If a user get the priviledge of a relation, then the user get the priviledge of all the data in the relation. In fact the data in a relation have different security levels.This paper adopts the database accesss model(RBAC and BLP) and improve the shortages of them. The main research results of this paper include:1. This paper proposes a new RBAC (role access control model) model named ERBAC which improve some insufficiency of RBAC model. This model redefines the elements of RBAC model and also adds some new elements that provide some new functions, simultaneously further expanded the constraint rules that guarantee the safety of the system. ERBAC is safer than RBAC and it is also practical.2. In view of a new hot topic of role based access control, this paper proposes a new delegation model DRBAC. DRBAC is a temporary, multi-step and complete delegation model. The delegation can enhance the system the usability, guaranteed the service of the system, simultaneously DRBAC proposes the more effective reliable restraint mechanism that provide credible services.3. This paper realized a multilevel secure database system using the SQL rewriting mechanism. This security database system can provide safe services with the granularity of the recording level. Simultaneously, its realization has not destroyed the access control mechanism of the original database system.4. In view of the multilevel access control and the role access control, this paper proposes a practical fusion strategy. This strategy can the effectively use the original access control strategy, and effectively reduces the performance influence because of the new strategy.The database security is extremely complex and it can not solve all problems merely depending upon superficial improvement. Enhancing the database the security need study and discuss unceasingly.