UTD CS 6V81 - Lecture #10 Security for Distributed Data Management - D1914617

Home> Schools> The University of Texas at Dallas> Computer Science (CS) > CS 6V81> Lecture #10 Security for Distributed Data Management

DOC PREVIEW

UTD CS 6V81 - Lecture #10 Security for Distributed Data Management

School name The University of Texas at Dallas

Course Cs 6v81- Independent Study In Computer Science Real Time Data Process In Andr

Pages 26

This preview shows page 1-2-3-24-25-26 out of 26 pages.

Save

View full document

Premium Document

Do you want full access? Go Premium and unlock all 26 pages.

Access to all documents

Download any document

Ad free experience

Subscribe for instant access Get instant access

View full document

Premium Document

Do you want full access? Go Premium and unlock all 26 pages.

Access to all documents

Download any document

Ad free experience

Subscribe for instant access Get instant access

View full document

Premium Document

Do you want full access? Go Premium and unlock all 26 pages.

Access to all documents

Download any document

Ad free experience

Subscribe for instant access Get instant access

View full document

Premium Document

Do you want full access? Go Premium and unlock all 26 pages.

Access to all documents

Download any document

Ad free experience

Subscribe for instant access Get instant access

View full document

Premium Document

Do you want full access? Go Premium and unlock all 26 pages.

Access to all documents

Download any document

Ad free experience

Subscribe for instant access Get instant access

View full document

Premium Document

Do you want full access? Go Premium and unlock all 26 pages.

Access to all documents

Download any document

Ad free experience

Subscribe for instant access Get instant access

Premium Document

Do you want full access? Go Premium and unlock all 26 pages.

Access to all documents

Download any document

Ad free experience

Subscribe for instant access Get instant access

Unformatted text preview:

Data and Applications Security Developments and DirectionsOutlineA Definition of a Distributed Database SystemArchitectureDistributed ProcessorData DistributionDistributed Database FunctionsDiscretionary SecuritySecure Distributed Database SystemSlide 10Discretionary Security MechanismAccess Control PoliciesSecurity Policy IntegrationViews for SecuritySecure Distributed Database FunctionsMultilevel SecurityAspects of MLS/DDBMSArchitecture - IArchitecture - IIArchitecture IIIModules if SDP (Secure Distributed Processor)Multilevel Distributed Data ModelMLS/DDBMS FunctionsDistributed Inference ControllerSlide 25CommentsData and Applications Security Developments and DirectionsDr. Bhavani ThuraisinghamThe University of Texas at DallasLecture #10Security for Distributed Data ManagementFebruary 10, 2005OutlineDistributed Database Systems-Architecture, Data Distribution, FunctionsSecurity Issues-Discretionary Security, Multilevel SecurityCommentsAssumption: Network is secure; focusing on securing the dataA Definition of a Distributed Database SystemA collection of database systems connected via a networkThe software that is responsible for interconnection is a Distributed Database Management System (DDBMS)Each DBMS executes local applications and should be involved in at least one global application (Ceri and Pelagetti)Homogeneous environmentArchitectureCommunication NetworkDistributed Processor 1DBMS 1Data-base 1Data-base 3Data-base 2DBMS 2DBMS 3Distributed Processor 2Distributed Processor 3Site 1Site 2Site 3Distributed ProcessorDistributedQuery/UpdateProcessorDistributedTransactionManagerDistributed Metadata ManagementNetwork InterfaceLocal DBMS InterfaceIntegrity/SecurityManagerData DistributionEMP1SS# Name Salary1 John 20 2 Paul 303 James 404 Jill 50 605 Mary6 Jane 70 D#102020 201020DnameD# MGR10 30 40Jane David Peter DEPT1SITE 1SITE 2EMP2SS# Name Salary9 Mathew70 D#50Dnam eD# MGR50MathJohn PhysicsDEPT2Davi d 80 30Peter 90 4078C. Sci. English French20PaulDistributed Database FunctionsDistributed Query Processing-Optimization techniques across the databasesDistributed Transaction Management-Techniques for distributed concurrency control and recoveryDistributed Metadata Management-Techniques for managing the distributed metadataDistributed Security/Integrity Maintenance-Techniques for processing integrity constraints and enforcing access control rules across the databasesDiscretionary Security ArchitectureDiscretionary Security MechanismsAccess ControlSecurity Policy IntegrationViews for SecuritySecure Distributed Database FunctionsSecure Distributed Database SystemA collection of secure database systems (SDBMS) connected via a secure networkThe software that is responsible for interconnection is a Secure Distributed Database Management System (SDDBMS)Each SDBMS executes local applications and should be involved in at least one global application (Ceri and Pelagetti)Homogeneous environmentArchitectureglobal userlocaluserlocaluserSecureNetworkSecureNetworkSecureDistributedProcessorSecureDistributedProcessorDistributedProcessorS-DBMSDatabaseDatabaseS-DBMS S-DBMSDatabaseDatabaseDatabaseDatabaseSecureDistributedProcessorSecureDistributedProcessorDistributedProcessorSecureDistributedProcessorSecureDistributedProcessorDistributedProcessorDiscretionary Security MechanismAccess Control and AuthorizationPoliciesAdministrationPoliciesIdentification and Authentication PoliciesDiscretionarySecurityDiscretionarySecurityAccess Control and AuthorizationPolicies enforced across the databasesAdministrationPolicies enforcedacross the databasesIdentification and Authentication Policies enforcedacross the databasesDiscretionarySecurityDiscretionarySecurity for distributed database systemsAccess Control PoliciesPositive and NegativeAuthorizationPoliciesenforced across thedatabasesRole-based access controland Usage policiesEnforced acrossthe databasesPolicies for integrity,Privacy, data sharingand collaborationenforced acrossthe databasesComponents ofAccess Control Security PoliciesFor distributeddatabasesSecurity Policy IntegrationNetworkDistributedMLS NetworkDistributed/NetworkDistributedIntegrated PolicySecurity Policyfor database systemASecurity Policyfor database systemBSecurity Policyfor database systemCViews for Security EMP1SS# Name Salary1 John 202 Paul 303 James 404 Jill 50605 Mary6 Jane 70D#102020201020DnameD# MGR103040JaneDavidPeterDEPT1SITE 1C. Sci.EnglishFrenchSITE 2EMP2SS# Name Salary9 Mathew70D#50DnameD# MGR50MathJohnPhysicsDEPT2David 80 30Peter 90 407820PaulEnamePaulJamesJillJaneEMP-DEPT View(all those who work in the Physics Department)Secure Distributed Database Functions Secure Distributed Database Functions:Distributed Query Processing: Enforce access control rulesduring query processing across databases; distributed inference control; consider security constraints during distributed query optimizationDistributed Transaction Management: Ensure security constraints are satisfied during transaction processing.Metadata management: Enforce access control on distributed metadataIntegrity management: Ensure that integrity of the data is maintained while enforcing security across the databasesMultilevel Security Aspects of MLS/DDBMSArchitecturesData ModelFunctionsInference ControlAspects of MLS/DDBMSArchitectures:Central Control,Distributed ControlFunctions:Secure Distributed Query Processing,Secure DistributedTransaction ManagementSecure Distributed Metadata ManagementSecure Distributed Constraint ProcessingModel:Multilevel Distributed Data ModelExample: Distributed Multilevel RelationsComponents ofAspects of MLS/DDBMS::ArchitecturesModelsFunctionsArchitecture - ICentralControlMLSServer2MLSServer3MLSServer1MLSDatabaseMLSDatabaseMLSDatabaseArchitecture - IIMLS Distributed DBMSMLSDatabaseMLSDatabaseMLSDatabaseMLS DBMSMLS DBMSMLS DBMSMLS DBMSMLS DBMSMLS DBMSArchitecture IIIglobal userlocaluserMultilevel SecureNetworkSecureDistributedProcessorMLS/DBMSMultilevelDatabaseMLS/DBMS MLS/DBMSMultilevelDatabaseMultilevelDatabaseSecureDistributedProcessorSecureDistributedProcessorModules if SDP (Secure Distributed Processor)SDPSDQP SDTMSDMMSDSMSDIM DQP: Distributed Query ProcessorDTM: Distributed Transaction MangierDMM: Distributed Metadata ManagerDSML Distributed Security ManagerDIM: Distributed Integrity ManagerMultilevel Distributed Data ModelEMP1 = SecretSS# Name Salary1 John 202 Paul 303 James

View Full Document