Database Security



Database Security

Introduction

The network database system is an open environment for information storage and management with massive data. Also may be confronted with frequent security attacks from many outside, which leads to a series of security problems. Great loss will occur once the data loss, illegal tampering or code loss happens. So the research on the security mechanism of network database is deepening with the development of the network and database technology.

The security management of network database has increasingly become the focus of attention.

The number of computerized databases has increased rapidly over the past three decades, and the advent of the Internet and networking capabilities has made it increasingly easy to access this data (Aceituno, 2005).

As a result, the need to develop techniques for protecting stored data became urgent in every sphere, from food to infrastructure, including government, industry, and institutions such as hospitals and universities. In the 1970s work on discretionary access control models began, but it was not until the Air Force summer study in 1982 that many of the efforts to develop multilevel secure database management systems were initiated. This resulted in the development of various secure database system prototypes and products. In the 1990s, with the advent of new technologies such as digital libraries, the World Wide Web, and collaborative computing systems, the interest in security became even more urgent (Aceituno, 2005).

Work on discretionary security for databases began in the 1970s when security was investigated for System R at IBM's Almaden Research Center. Essentially, the security properties specified the read and write access that a user may have to relations, attributes, and data elements. In the 1980s and 1990s security issues were investigated for object systems. Here the security properties specified the access that users had to objects, instance variables, and classes. In addition to read and write, method execution access was also specified.

Since the early 1980s much of the focus has been on multilevel secure database management systems, and various designs, prototypes and commercial products of multilevel database systems have been developed. Illustrative efforts include the SeaView effort by SRI International and the Lock Data Views effort by Honeywell. These efforts extended relational models with security properties. One challenge was to design a model where a user sees different values at different security levels. For example, at the unclassified level an employee's salary appears to be $20,000 and at the Secret level it appears to be $50,000 (Aceituno, 2005). In the standard relational model such ambiguous values cannot be represented due to integrity properties.

There are several other significant developments have been made on multilevel security for other types of database systems, including security for object database systems in which security properties specify read, write, and method execution policies. Much work was also carried out on secure concurrency control and recovery. The idea here was to enforce security properties and still meet consistency without having covert channels. Research was also carried out on multilevel security for distributed, heterogeneous, and federated database ...