DOC PREVIEW
UTD CS 7301 - Lecture #5 Access Control in Data Management Systems

This preview shows page 1-2-23-24 out of 24 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 24 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 24 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 24 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 24 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 24 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

Data and Applications Security Developments and DirectionsOutlineAccess Control in Relational Databases: 1975 - PresentQuery Modification AlgorithmMandatory Access Control (MAC) in Databases: 1982- PresentSecurity Constraints / Access Control RulesEnforcement of Security ConstraintsOther Developments in Access ControlSome ExamplesUsage ControlAccess Control in Other Types of DatabasesAccess Control in Databases: Current Trends (1996 – Present)Data WarehouseEnforcing Access Control for Data Mining AlgorithmsAccess Control for Multimedia DatabasesAccess Control for Web DatabasesSecure Semantic WebXML SecuritySecurity and OntologiesPrivacy Constraints / Access Control RulesIntegrated Architecture for Privacy Constraint ProcessingFederated Data Management Systems for National Security and PrivacyOther PoliciesAccess Control in Databases: Next StepsData and Applications Security Developments and DirectionsDr. Bhavani ThuraisinghamThe University of Texas at DallasLecture #5Access Control in Data Management SystemsSeptember 10, 2008Outline Discretionary Access Control in Relational DatabasesMandatory Access Control in Relational Databases-Security ConstraintsTypes of Access Control-Inference problem, Role-based, Temporal, UsageAccess Control in Other Databases-Objects, FederatedCurrent Trends in Access Control-Date Warehousing, Semantic Web, Privacy Control Next Steps in Access ControlAccess Control in Relational Databases:1975 - PresentAccess Control policies were developed initially for file systems-E.g., Read/write policies for filesAccess control in databases started with the work in System R and Ingres Projects-Access Control rules were defined for databases, relations, tuples, attributes and elements-SQL and QUEL languages were extended GRANT and REVOKE StatementsRead access on EMP to User group A Where EMP.Salary < 30K and EMP.Dept <> Security-Query Modification: Modify the query according to the access control rulesRetrieve all employee information where salary < 30K and Dept is not SecurityQuery Modification AlgorithmInputs: Query, Access Control RulesOutput: Modified QueryAlgorithm:-Given a query Q, examine all the access control rules relevant to the query-Introduce a Where Clause to the query that negates access to the relevant attributes in the access control rulesExample: rules are John does not have access to Salary in EMP and Budget in DEPT Query is to join the EMP and DEPT relations on Dept #Modify the query to Join EMP and DEPT on Dept # and project on all attributes except Salary and Budget-Output is the resulting queryMandatory Access Control (MAC) in Databases: 1982- Present Bell and LaPadula Policy adapted for databases-Read at or above your level and Write at your level; Granularity of classification: Databases, Relations, Tuples, Attributes, ElementsSecurity Architectures-Operating system providing mandatory access control and DBMS is untrusted with respect to MAC (e.g., SRI’s SeaView)-Trusted Subject Architecture where DBMS is trusted with respect to MAC (e.g., TRW’s ASD and ASD Views)-Integrity Lock where Trusted front-end computes checksums (e.g., MITRE’s MISTRESS Prototype)-Distributed Architecture where data is distributed according to security levels and access through trusted front-end (e.g., NRL’s SINTRA) Extended Kernel for Security Policy Enforcement such as constraints (e.g., Honeywell’s Lock Data Views)Security Constraints / Access Control RulesSimple Constraint: John cannot access the attribute Salary of relation EMPContent-based constraint: If relation MISS contains information about missions in the Middle East, then John cannot access MISSAssociation-based Constraint: Ship’s location and mission taken together cannot be accessed by John; individually each attribute can be accessed by JohnRelease constraint: After X is released Y cannot be accessed by JohnAggregate Constraints: Ten or more tuples taken together cannot be accessed by JohnDynamic Constraints: After the Mission, information about the mission can be accessed by JohnEnforcement of Security Constraints User Interface ManagerConstraintManagerSecurity ConstraintsQuery Processor:Constraints during query and release operationsUpdate Processor:Constraints during update operationDatabase Design ToolConstraints during database design operationDatabaseRelational DBMSOther Developments in Access Control Inference Problem and Access Control-Inference problem occurs when users pose queries and deduce unauthorized information from the legitimate responses-Security constraint processing for controlling inferences -More recently there is work on controlling release information instead of controlling access to informationTemporal Access Control Models-Incorporates time parameter into the access control modelsRole-based access control-Controlling access based on roles of people and the activities they carry out; Implemented in commercial systemsPositive and Negative Authorizations-Should negative authorizations be explicitly specified? How can conflicts be resolved?Some Examples Temporal Access Control-After 1/1/05, only doctors have access to medical recordsRole-based Access Control-Manager has access to salary information-Project leader has access to project budgets, but he does not have access to salary information-What happens is the manager is also the project leader?Positive and Negative Authorizations-John has write access to EMP-John does not have read access to DEPT-John does not have write access to Salary attribute in EMP-How are conflicts resolved?Usage Control Usage Control (UCON) Model goes beyond traditional access control-Developed by Sandhu et alConsists of the following-Policies of authorizations, Obligations and Conditions-Authorization decisions are determined by policies of the subject, objects and right-Obligations are actions that are required to be performed before or during the access process-Conditions are environment restrictions that are required to be valid before or during the access processMany policies can be expressed using UCONExtensions being proposed for temporal usage controlAccess Control in Other Types of Databases Object Databases-Controlling access to classes, object instances, instance variables, method execution etc. -E.g., MCC’s ORION model both for discretionary security and mandatory securityDistributed


View Full Document

UTD CS 7301 - Lecture #5 Access Control in Data Management Systems

Documents in this Course
Load more
Download Lecture #5 Access Control in Data Management Systems
Our administrator received your request to download this document. We will send you the file to your email shortly.
Loading Unlocking...
Login

Join to view Lecture #5 Access Control in Data Management Systems and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view Lecture #5 Access Control in Data Management Systems 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?