Research And Realization Of Spatially-Aware Audit Model

The widespread deployment of spatial database management system,Geographic Information System,location-based services and mobile applications requires the definition of spatially aware secure systems.Capturing spatial context from the environment has a great impact on audit policy in spatial DBMS.Although some secure approaches,such as encryption,access control and intrusion detection,can prevent secure threats and attacks,they can not guarantee Spatial DBMS's complete security.Moreover,the spatial audit model,as the proof of trail analysis and responsibility investigation,plays an important role in secure spatial DBMS.Based on the analysis of traditional audit model of Object-Oriented DBMS and Relational DBMS,a spatially-aware secure audit model is presented,which enhances the spatial capability on traditional audit model,optimizes the theory of secure Spatial DBMS and affords the theory to build the stricter system for banks,bonds and military.And spatial audit system has been designed and implemented on PostgreSQL, which is an open-source ORDBMS.The main tasks are provided as follows.(1) A Spatial Audit Model,SAM,is proposed on multilevel secure spatial DBMS.The model is powerful expressively which not only expresses audit rule based on temporal constraints and spatial constraint,but also implements audit deduction based on rules.(2) With the introduction of the formal definition of spatial objects,spatial location, Spatio-Temporal Constraint,the expressions of fine-grained policies and the spatialperiodical time capability are possible in this model.(3) The audit alarm mechanism and Spatial-ECA trigger mechanism are introduced to strengthen the real-time and initiative of audit systems.(4) An Encrypted and Searchable audit log technology based on keywords is provided to protect log integrality and validity.(5) Using shared memory for policies matching and searching to reduce the negative influences and improve user transparence.(6) The audit model is realized in the secure spatial DBMS—PostgreSQL,which implements audit subsystem and improves the security of PostgreSQL.