
CSC 474/574 Information Systems Security
Dr. Peng Ning, Computer Science
Topic 7.2: Multilevel Databases

Approaches to Multi-level Databases
• Partitioning
• Encryption
• Integrity lock
• Trusted Front-End
• Distributed Databases

Partitioning
• Separate data in different levels into different partitions.
  – Redundancy
    • Example: the primary key of a logical relation must be duplicated in all partitions in which the relation is stored.
  – Usability
    • Example: a high-level user needs to combine both high-level and low-level data.

Encryption
• Encrypt the sensitive data at each level with a key unique to that level.
  – Known plaintext attack
    • Example:
      – Party attribute is encrypted.
      – Alice knows party=“Democrat” for Bob; she can compare the ciphertext of Bob’s party attribute with other tuples
    • Reason: Limited set of plaintexts.
  – Authentication
    • Example:
      – Replace one ciphertext with another
  – Above problems can be partially avoided with multiple keys.
  – Unable to use DBMS functionalities for encrypted data.
    • Query optimization, indexes, etc.

Integrity Lock
• Provide integrity and limited access for a database.
[Figure: a data item ("Secret Agent") stored with its security class ("TS") and a crypto checksum ("10FB"); other labels: Encryption Function, Key]
• Any unauthorized changes to data items can be detected.
• Access to data items is based on the security labels.

Integrity Lock DBMS
[Figure: Users, Trusted Access Controller, Untrusted DBMS, Sensitive Database]
• Problems
  – Efficiency
    • Data expansion
    • Processing time required for generating, modifying, and verifying integrity locks
  – Security
    • Untrusted DBMS sees all data passing through it.

Trusted Front End
[Figure: Users, Trusted Front End, Trusted Access Controller, Untrusted DBMS, Sensitive Database]
• Trusted Front End
  – User authentication
  – Access control
  – Verification
  – Essentially a reference monitor

Trusted Front End (Cont’d)
• Commutative Filters
  – Processes that interface to both the user and the DBMS.
  – Reformat the query by putting in more conditions to filter out unnecessary records.
  – Example:
    • Retrieve NAME where ((Occup = Physicist) ^ (City = WashDC)) From all records R
    • After reformatting
    • Retrieve NAME where ((Occup = Physicist) ^ (City = WashDC)) From all records R where
        (Name-level (R) <= User-level) ^
        (Occup-level (R) <= User-level) ^
        (City-level (R) <= User-level)

Distributed Databases
• Store data items at different levels in different physical databases
• Trusted front-end translates each query into single-level queries and sends them to different databases
• Trusted front-end combines results and returns to the
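
The commutative-filter rewrite from the "Trusted Front End (Cont'd)" slide, as an added example that is not part of the original slides. It assumes a SQLite table R with a hypothetical `*_level` column per attribute and a numeric level scale of 0 to 2; the function names are illustrative.

```python
import sqlite3

# Constructed sample rows. Each attribute carries its own level
# (assumed scale: 0 = unclassified, 1 = secret, 2 = top secret).
ROWS = [
    # name, name_level, occup, occup_level, city, city_level
    ("Avery", 0, "Physicist", 0, "WashDC", 0),
    ("Blake", 0, "Physicist", 2, "WashDC", 0),
    ("Casey", 1, "Physicist", 0, "WashDC", 1),
    ("Devon", 0, "Chemist", 0, "WashDC", 0),
]
ATTRS = {"name", "occup", "city"}  # allowlist of attribute names in R

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE R (name TEXT, name_level INT, occup TEXT, "
               "occup_level INT, city TEXT, city_level INT)")
    db.executemany("INSERT INTO R VALUES (?,?,?,?,?,?)", ROWS)
    return db

def commutative_filter(select_attr, where_attrs):
    """Rewrite the user's query so that every attribute it touches must
    satisfy attr_level <= user level, as on the slide."""
    touched = [select_attr] + list(where_attrs)
    if not set(touched) <= ATTRS:
        # Names are interpolated into SQL, so reject anything off the allowlist.
        raise ValueError("unknown attribute")
    user_pred = " AND ".join(f"{a} = ?" for a in where_attrs) or "1 = 1"
    level_pred = " AND ".join(f"{a}_level <= ?" for a in touched)
    sql = f"SELECT {select_attr} FROM R WHERE ({user_pred}) AND ({level_pred})"
    return sql, len(touched)

def retrieve(db, user_level, select_attr, conditions):
    """Run the rewritten query; the untrusted DBMS only sees the filtered form."""
    sql, n_levels = commutative_filter(select_attr, conditions.keys())
    params = list(conditions.values()) + [user_level] * n_levels
    return sorted(row[0] for row in db.execute(sql, params))

if __name__ == "__main__":
    db = make_db()
    query = {"occup": "Physicist", "city": "WashDC"}
    print(commutative_filter("name", query.keys())[0])
    for level in (0, 1, 2):
        print(level, retrieve(db, level, "name", query))
```

A level-0 user gets no row for Blake even though Blake's name and city are unclassified, because the query's condition depends on the top-secret occupation value.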



NCSU CSC (ECE) 574 - Multilevel Databases
