Database Security Control Research And Application Of The Model

Database is one of the most rapidly developing subjects in the computer sceince field. The data which being managed and stored in the database system are curcial resouces in each department. So establishing the information and application system based on the database are very important in many aspects such as improving benefit of the corporation, developing economy of the society and improving life of the people. But at the same time serious fatalness and frangibility are also existed. The securities of information and database have been ensurence of the healthy development of economy and society. Computer security involved many aspects including encryption, authentication, and access control and inspecting of inbreak. In the aspect of access control, researchers have put forward some polies and models of access control such as discretionary access control, mandatory access control, Bell-LaPadula policy and role-based access control. But some aim at single policy, and some neglect several important factors such as task, these are all need to enhance and improve on.The paper studies the security model based on role and task and the lattice model for control systematically. The paper combines the two security control models and designs an Improved Extensible Access Control Management (EACMM) model. The model is arrangement and gradual. Security administrators of different levels can extend main body model and access control purview in the rule range on the base of their own purview. At the same time they can establish new security administrators and grant them corresponding managing purview. The paper improves a Flexible Extensible Anthorization Language (FEAL) denoting multiple access policies. The language describes data access formally adopting expressing way of extended logic program. System security administrators can describe multiple security policies based on security requirement of practical application and in this way finishes the access to database. The paper applies this management model to the research of database security management sub-system of HeiLongJiang Province Anti-Flood Decision Support System and carry on a certain extend of practice.