Loss Minimization of Web Databases by Fine Grain Approach

Information is the most valuable asset for organizations. One of the goals of organizations is to share their data and at the same time to enforce their policies. Web database is a combined production with database technology and Web technology. Web database is placed on the Internet, there are many security problems. The secrecy and the integrity are two important demands of security system. When database access control and the network security are addressed separately, the security systems are not optimized sufficiently as a whole. Finegrained access control (FGAC) must be supported by web relational databases to satisfy the requirements of privacy preserving and Internet-based applications. We propose a model of integrating network security with criterion based access control to handle network security and the fine grained Web database access control simultaneously. We have implemented our model in college database and performance is evaluated. Whenever any unauthorized user altered our data a system called Web-Secure report to the authorized user via E-mail or Short Message Service (SMS). The implementation results show that how our model is suitable for web database

[1]  J. William Atwood,et al.  A Web Database Security Model Using the Host Identity Protocol , 2007, 11th International Database Engineering and Applications Symposium (IDEAS 2007).

[2]  Jun Feng,et al.  Fine-grained access control for GridFTP using SecPAL , 2007, 2007 8th IEEE/ACM International Conference on Grid Computing.

[3]  Elisa Bertino,et al.  Database security - concepts, approaches, and challenges , 2005, IEEE Transactions on Dependable and Secure Computing.

[4]  Qiang Huang,et al.  A Framework for Database Auditing , 2009, 2009 Fourth International Conference on Computer Sciences and Convergence Information Technology.

[5]  Ehud Gudes,et al.  Fine-grained access control to web databases , 2007, SACMAT '07.

[6]  Manisha R. Shinde An Overview of Database Security , 2006 .

[7]  Zhou Wen A new Web accessing database modules basing in security of information , 2008 .

[8]  Leon Pan A Unified Network Security and Fine-Grained Database Access Control Model , 2009, 2009 Second International Symposium on Electronic Commerce and Security.

[9]  S. Sudarshan,et al.  Redundancy and information leakage in fine-grained access control , 2006, SIGMOD Conference.

[10]  Xinqiang Ma,et al.  A Formal Multilevel Database Security Model , 2008, 2008 International Conference on Computational Intelligence and Security.

[11]  Jie Wang,et al.  Addressing Accuracy Issues in Privacy Preserving Data Mining through Matrix Factorization , 2007, 2007 IEEE Intelligence and Security Informatics.

[12]  Li Hua,et al.  Design of a New Web Database Security Model , 2009, 2009 Second International Symposium on Electronic Commerce and Security.

[13]  Hong Zhu,et al.  A fine-grained access control model for relational databases , 2010, Journal of Zhejiang University SCIENCE C.

[14]  Marco Vieira,et al.  An Appraisal to Assess the Security of Database Configurations , 2009, 2009 Second International Conference on Dependability.

[15]  Zhang Yuqing An Overview of Database Security , 2006 .

[16]  Neha Sehta,et al.  A Fine Grained Access Control Model for Relational Databases , 2012 .

[17]  Magdalini Eirinaki,et al.  Negative Database for Data Security , 2009, 2009 International Conference on Computing, Engineering and Information.

[18]  Pin-Han Ho,et al.  A Novel Anonymous Mutual Authentication Protocol With Provable Link-Layer Location Privacy , 2009, IEEE Transactions on Vehicular Technology.

[19]  Qing Zhao,et al.  Study on Security of Web-Based Database , 2008, 2008 IEEE Pacific-Asia Workshop on Computational Intelligence and Industrial Application.

[20]  Sohail Imran,et al.  Security Issues in Databases , 2009, 2009 Second International Conference on Future Information Technology and Management Engineering.

[21]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.