Abstract
Information security is a key issue in Enterprise Information System (EIS) development. It is an important characteristic of the entire EIS and of all its information subsystems. The effectiveness of information security affects the adequacy of enterprise decision making at all management levels and depends especially on database security. It is therefore good practice to develop a unified relational database for several subsystems of an EIS. This paper discusses an approach to developing multiple security systems for several subsystems using one or several schemas of the unified database. The key feature of the approach is the ability to evaluate the “similarity” of database security systems. “Similar” database security systems should be united into a common security system; otherwise they must be separated. The “similarity” is calculated as a weighted correlation between sets of user role permissions, defined as a functional on sets of database tables, data operations and user roles. The proposed approach was tested on a production database of a University Management Information System, which allowed its data access control to be optimized through several database schemas. The approach also allows automating the decision on whether it is feasible to create new database schemas in the further development of the EIS.
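The similarity test described in the abstract can be sketched as follows. This is an added example, not the authors' code: the abstract does not give the formula, so the weighted Pearson correlation, the per-operation weights, the 0.7 threshold and all role, table and subsystem names are assumptions.

```python
from itertools import product
from math import sqrt

OPS = ("SELECT", "INSERT", "UPDATE", "DELETE")
# Assumed weights (not from the paper): data-modifying operations count more.
OP_WEIGHT = {"SELECT": 1.0, "INSERT": 2.0, "UPDATE": 2.0, "DELETE": 3.0}

def permission_vector(grants, roles, tables):
    """0/1 value of the permission function on every (role, table, op)."""
    return [1.0 if key in grants else 0.0 for key in product(roles, tables, OPS)]

def weighted_correlation(x, y, w):
    """Weighted Pearson correlation of two equally long vectors."""
    total = sum(w)
    mx = sum(wi * xi for wi, xi in zip(w, x)) / total
    my = sum(wi * yi for wi, yi in zip(w, y)) / total
    cov = sum(wi * (xi - mx) * (yi - my) for wi, xi, yi in zip(w, x, y))
    vx = sum(wi * (xi - mx) ** 2 for wi, xi in zip(w, x))
    vy = sum(wi * (yi - my) ** 2 for wi, yi in zip(w, y))
    if vx == 0 or vy == 0:  # a system granting nothing (or everything)
        return 1.0 if x == y else 0.0
    return cov / sqrt(vx * vy)

def similarity(grants_a, grants_b, roles, tables):
    """Similarity of two security systems over the same roles and tables."""
    w = [OP_WEIGHT[op] for _, _, op in product(roles, tables, OPS)]
    return weighted_correlation(permission_vector(grants_a, roles, tables),
                                permission_vector(grants_b, roles, tables), w)

def decide(sim, threshold=0.7):  # threshold is an assumed cut-off
    return "unite" if sim >= threshold else "separate"

# Constructed sample data: two roles, three tables, three subsystems.
ROLES, TABLES = ("clerk", "auditor"), ("students", "grades", "payroll")
ADMISSIONS = {("clerk", "students", "SELECT"), ("clerk", "students", "INSERT"),
              ("clerk", "students", "UPDATE"), ("auditor", "students", "SELECT"),
              ("auditor", "grades", "SELECT")}
REGISTRY = ADMISSIONS | {("clerk", "grades", "SELECT")}
PAYROLL = {("clerk", "payroll", "SELECT")} | {("auditor", "payroll", op) for op in OPS}

if __name__ == "__main__":
    for name, other in (("registry", REGISTRY), ("payroll", PAYROLL)):
        s = similarity(ADMISSIONS, other, ROLES, TABLES)
        print(f"admissions vs {name}: {s:+.3f} -> {decide(s)}")
```

In the constructed data the registry subsystem differs from admissions by a single read grant and correlates strongly, while the payroll subsystem grants on a disjoint table and correlates negatively, so it would get its own schema.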
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Zhezhnych, P., Burak, T. (2020). An Approach to Multiple Security System Development Using Database Schemas. In: Shakhovska, N., Medykovskyy, M.O. (eds) Advances in Intelligent Systems and Computing IV. CSIT 2019. Advances in Intelligent Systems and Computing, vol 1080. Springer, Cham. https://doi.org/10.1007/978-3-030-33695-0_51
DOI: https://doi.org/10.1007/978-3-030-33695-0_51
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-33694-3
Online ISBN: 978-3-030-33695-0
eBook Packages: Intelligent Technologies and Robotics (R0)