A tutorial on secure database systems

Abstract Database security plays an important role in the overall security of information systems and networks. This is both because of the nature of this technology and its widespread use today. The development of appropriate secure database design and implementation methodologies is therefore an important research problem and a necessary prerequisite for the successful development of such systems. The general framework and requirements for database security are given and a number of parameters of the secure database design and implementation problem are presented and discussed in this paper. A secure database system development methodology is then presented which could help overcome some of the problems currently encountered.

[1]  H. Rex Hartson Database security-system architectures , 1981, Inf. Syst..

[2]  Bhavani M. Thuraisingham,et al.  Multilevel Security in Database Management Systems , 1987, Comput. Secur..

[3]  Thomas H. Hinke,et al.  DBMS Trusted Computing Base Taxonomy , 1989, DBSec.

[4]  Richard D. Graubart,et al.  A Comparison of Three Secure DBMS Architectures , 1989, DBSec.

[5]  Ronald Fagin,et al.  On an authorization mechanism , 1978, TODS.

[6]  Irving L. Traiger,et al.  System R: relational approach to database management , 1976, TODS.

[7]  Giancarlo Martella,et al.  Data security management in distributed data bases , 1982, Inf. Syst..

[8]  Michael Stonebraker,et al.  The design and implementation of INGRES , 1976, TODS.

[9]  Hilary H. Hosmer,et al.  Designing Multilevel Secure Distributed Databases , 1988, DBSec.

[10]  Carl E. Landwehr,et al.  Formal Models for Computer Security , 1981, CSUR.

[11]  Cannataci Ja Data protection issues in database management and expert systems. , 1991 .

[12]  Moshé M. Zloof Query-by-Example: A Data Base Language , 1977, IBM Syst. J..

[13]  Bradford W. Wade,et al.  An authorization mechanism for a relational database system , 1976, TODS.

[14]  William C. McGee The Information Management System IMS/VS Part V: Transaction Processing Facilities , 1977, IBM Syst. J..

[15]  Carl E. Landwehr The Best Available Technologies for Computer Security , 1983, Computer.

[16]  Joachim Biskup,et al.  Analysis of the Privacy Model for the Information System DORIS , 1988, DBSec.

[17]  Nancy G. Leveson,et al.  Safety Analysis Using Petri Nets , 1987, IEEE Transactions on Software Engineering.

[18]  T. C. Ting Application Information Security Semantics: A Case of Mental Health Delivery , 1989, DBSec.

[19]  Maria Grazia Fugini Secure Database Development Methodologies , 1987, DBSec.