Definition
This entry considers how to build secure database system software. In particular, it describes how to build a general-purpose database management system where security is an important design parameter. For the database community, the words secure database design may refer to the schema design to produce a database for a specific application with some level of security properties. There is a large amount of literature on this latter subject and a related entry in this encyclopedia (Database security). This entry concentrates mostly on how to build the software of a DBMS such that it exhibits security properties, which is called secure database development. Both approaches are contrasted so that the reader can decide which one of these problems applies to their specific case but more space is dedicated to the general secure database development problem.
Historical Background
While there is a large number of papers on...
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsRecommended Reading
Basin D.A., Doser J., and Lodderstedt T. Model driven security: from UML models to access control infrastructures. ACM Trans. Softw. Eng. Methodol., 15(1):39–91, 2006.
Bertino E. and Sandhu R. Database security – Concepts, approaches, and challenges. IEEE Trans. Dependable Sec. Comput., 2(1):2–19, 2005.
Best B., Jurjens J., and Nuseibeh B. Model-based security engineering of distributed information systems using UMLsec. In Proc. 29th Int. Conf. on Software Eng., 2007, pp. 581–590.
Castano S., Fugini M., Martella G., and Samarati P. Database Security. Addison-Wesley, 1994.
Fernandez E.B., Gudes E., and Song H. A model for evaluation and administration of security in object-oriented databases. IEEE Trans. Knowl. Database Eng., 6(2):275–292, 1994.
Fernandez E.B., Larrondo-Petrie M.M., Sorgente T., and VanHilst M. A methodology to develop secure systems using patterns, Chapter V. In Integrating Security and Software Engineering: Advances and Future Vision, H. Mouratidis, P. Giorgini (eds.). IDEA Press, 2006, pp. 107–126.
Fernandez E.B., Summers R.C., and Wood C. Database Security and Integrity (Systems Programming Series). Addison-Wesley, 1981.
Fernández-Medina E. and Piattini M. Extending OCL for secure database development. In Proc. Int. Conf. on the Unified Modeling Language, 2004, pp. 380–394.Lisbon, Portugal. LNCS,
Fernández-Medina E. and Piattini M. Designing secure databases. Inf. Softw. Technol., 47(7):463–477, 2005.
Fugini M. Secure database development methodologies. In Database Security: Status and Prospects, C.E. Landwehr (ed.). Elsevier, 1987, pp. 103–129.
Ge X., Polack F., and Laleau R. Secure Databases: an Analysis of Clark-Wilson Model in a Database Environment. In Proc. 16th Int. Conf. on Advanced Information Systems Eng., 2004, pp. 234–247.
Hafner M. and Breu R. Towards a MOF/QVT-Based Domain Architecture for Model Driven Security. In Proc. 9th Int. Conf. Model Driven Eng. Lang. and Syst., 2006.
Jurjens J. Secure Systems Development with UML. Springer, New York, 2004.
Jurjens J. Sound methods and effective tools for model-based security engineering with UML. In Proc. 27th Int. Conf. on Software Eng., 2005, pp. 322–331.
Mouratidis H., Jürjens J., and Fox J. Towards a comprehensive framework for secure systems development. In Proc. 18th Int. Conf. on Advanced Information Systems Eng., 2006, pp. 48–62.CAiSE, Luxembourg. LNCS, (Eric Dubois, Klaus Pohl, eds.),
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer Science+Business Media, LLC
About this entry
Cite this entry
Jurjens, J., Fernandez, E.B. (2009). Secure Database Development. In: LIU, L., ÖZSU, M.T. (eds) Encyclopedia of Database Systems. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-39940-9_329
Download citation
DOI: https://doi.org/10.1007/978-0-387-39940-9_329
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-35544-3
Online ISBN: 978-0-387-39940-9
eBook Packages: Computer ScienceReference Module Computer Science and Engineering