| Security as well as performance are crucial requirements in every application design. However, security requirements of an application impose some limitations and typically have a significant impact on the performance of the application. In this thesis, we address security issues in distributed database systems, propose solutions to impose security in underlying platforms, and study the performance implications of our proposed solutions. The objective is to design efficient solutions for distributed database systems that satisfy security requirements while offering acceptable performance.; We consider three database paradigms: multilevel databases, replicated databases, and multidatabases. Each paradigm has its own unique security requirements. In a multilevel database, every component of the database is run under a multilevel security policy. Any accesses to the database must be free of potential covert channels. In this work, a multilevel log manager is designed and implemented to support logging of multiple security levels. The design uses a round-robin approach to log transaction activities of each security level. The design is channel-free and also offers good performance.; Maintaining the consistency of a common security policy in a distributed environment can be modeled as a replicated database. Strong consistency such as one-copy serializability is required since any inconsistency including transient inconsistency may lead to a security violation. Invalidation-based consistency protocol proposed in this thesis satisfies one-copy serializability and performs better than update-based protocols.; Heterogeneity and local autonomy are main characteristics of multidatabases. Summary Schemas Model (SSM) is an adjunct to a multidatabase. It helps resolve name and semantic heterogeneity in the multidatabase by defining access terms as hypernyms or hyponyms from data names of underlying local databases. As a result, accessing heterogenous data in multidatabases via access terms defined in the SSM is simple and efficient. However, those terms are publicly accessible and unprotected. Thus, an SSM authorization model is presented. The model restricts access to SSM access terms according to global roles defined at multidatabase level. Consequently, unauthorized accesses are rejected before they reach local databases. This reduces the network traffic, decreases the workload at database servers, and hence offers higher performance.; In conclusion, we present three topics to illustrate that, even under security requirements of database systems, the underlying environments are able to exhibit good performance. We believe that the ideas presented here will contribute to the design of secure and efficient database environments. |
