Views and security in distributed database management systems

  • E. Bertino
  • L. M. Haas
Distributed Databases And Transaction Management
Part of the Lecture Notes in Computer Science book series (LNCS, volume 303)

Abstract

Views are used in database systems to present data to different applications in a form reflecting their individual needs. The view mechanism contributes to data protection, independence, and isolation. In this paper we first discuss some issues concerning Distributed Database security and then the design of distributed views providing security features. The following issues concerning views are discussed: represention, change, authorization, and usage.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. [ASTR76]
    Astrahan M.M., et Al., ”System R: A Relational Approach to Database Management”, ACM Trans. on Database Systems, 1:2 (June, 1976) pp.97–137.Google Scholar
  2. [BERT83]
    Bertino E., Haas L.M., Lindsay B.G., ”View Management in Distributed Database Systems”, Ninth International Conference on Very Large Data Bases (Florence, November 1983).Google Scholar
  3. [CHAM75]
    Chamberlin D.D., Gray J.N., and Traiger I.L., View, Authorization and Locking in Database System”, Proc. AFIPS NCC 44 (1975).Google Scholar
  4. [CHAM80]
    Chamberlin D., ”A Summary of User Experience with the SQL Data Sublanguage” IBM Research Report RJ2767 (San Jose, CA, March 1980).Google Scholar
  5. [CLAY83]
    Claybrook H., ”Using Views in a Multilevel Secure Database Management System”, Proc. 1983 IEEE Symposium on Security and Privacy (April, 1983) pp.4–17.Google Scholar
  6. [COMP83]
    Special Issue on Data Security in Computer Networks, IEEE Computer 16:2 (February 1983).Google Scholar
  7. [DANI82]
    Daniels, D., ”Query Compilation in a Distributed Database System”, IBM Research Report RJ3423 (San Jose, CA, March 1982).Google Scholar
  8. [DENN86]
    Denning D.E., Akl S.G., Morgenstern M., Neumann P.G., Schell R.R., Heckman M. ”Views for Multilevel Database Security”, Proc. 1986 IEEE Symposium on Security and Privacy (Oakland (CA), April, 1986) pp.156–172.Google Scholar
  9. [DENN84]
    Denning D.E., ”Database Security: Access Controls” in Security and Privacy, Proc. of the Joint IBM/Newcastle upon Tyne Seminar (B.Randell, ed.), (Newcastle upon Tyne, September, 1984) pp.29–31.Google Scholar
  10. [DENN83]
    Denning D.E., Schlorer J., ”Inference Controls for Statistical Databases”, IEEE Computer 16:7 (July, 1983) pp.69–81.Google Scholar
  11. [DENN79]
    Denning D.E., and Denning P.J., ”Data Security” ACM Computing Surveys 11:3 (September, 1979) pp.227–249.Google Scholar
  12. [DENN76]
    Denning D.E., ”A Lattice Model of Secure Information Flow”, Communications of the ACM 20:7 (July, 1977) pp.504–513.CrossRefGoogle Scholar
  13. [DOWN77]
    Downs D., and Popek G.J., ”A Kernel Design for a Secure Data Base Management System”, Proc. 3rd Int. Conf. on Very Large Data Bases (Tokyo, October, 1977) pp.507–514.Google Scholar
  14. [FERN81]
    Fernandez E.B., Summers R.C., Wood C., ”Database Security and Integrity”, Addison-Wesley (1981).Google Scholar
  15. [GOLD79]
    Gold B.D. et al., ”A Security Retrofit of VM/370”, AFIPS Conf. Proc. 48, 1979 NCC, AFIPS Press (1979) pp.335–344.Google Scholar
  16. [GRIF76]
    Griffiths P., Wade B., ”An Authorization Mechanism for a Relational Database System”, ACM Trans. on Database Systems 1:3 (September, 1976) pp.242–255.Google Scholar
  17. [HAAS82]
    Haas L.M., et al., ”R*: A Research Project on a Distributed Database System”, Database Engineering Bulletin (IEEE Computer Society) 5:4 (December, 1982).Google Scholar
  18. [KRAU79]
    Krauss L.I., and MacGahan A., ”Computer Fraud and Countermeasures”, Prentice-Hall, Inc., Englewood Cliffs, NJ (1979).Google Scholar
  19. [LAND84]
    Landwehr C.E., Heitmeyer C.L., and McLean J., ”A Security Model for Military Message System”, 2:3 (August, 1984) pp.198–222. ACM Trans. on Computer Systems Google Scholar
  20. [LIND84]
    Lindsay B.G., Haas L.M., Mohan C., Wilms P.F., Yost R.A., ”Computation and Communication in R*: A Distributed Database Manager”, ACM Trans. on Computer Systems 2:1 (February) 1984. Also in Proc. 9th ACM Symposium on Operating Systems Principles (Bretton Woods, October, 1983)Google Scholar
  21. [LIND81]
    Lindsay B.G., ”Object Naming and Catalog Management for a Distributed Database Manager”, Proc. 2nd International Conference on Distributed Computing Systems (Paris, France, April, 1981).Google Scholar
  22. [LOHM85]
    Lohman G.M., Mohan C., Haas L.M., Daniels D. Lindsay B.G., Selinger P.G., Wilms P.F., ”Query Processing in R*”, In Query Processing in Database Systems (W. Kim, D. Reiner, and D. Batory, Eds.), Springer-Verlag, (1985).Google Scholar
  23. [MCCA79]
    McCauley E.J., and Drongowski P.J., ”KSOS-The Design of a Secure Operating System”, in AFIPS Conf. Proc. 48, 1979 NCC, AFIPS Press (1979) pp.345–351.Google Scholar
  24. [MURR84]
    Murray W.H., ”Security Considerations for Personal Computers”, IBM Systems Journal 23:3 1984.Google Scholar
  25. [NEED78]
    Needham R.M., and Schroeder M.D., ”Using Encryption for Authentication in Large Networks of Computers”, Communications of the ACM 20:12 (December, 1978).Google Scholar
  26. [NG82]
    Ng P., ”Distributed Compilation and Recompilation of Database Queries”, IBM Research Report RJ3375 (San Jose, CA, January, 1984).Google Scholar
  27. [PERR84]
    Perry T.S, and Wallich P., ”Can Computer Crime be Stopped?”, IEEE Spectrum 21:5 (May, 1984) pp.34–45.Google Scholar
  28. [POPE79]
    Popek, G. et al., ”UCLA Secure UNIX”, in AFIPS Conf. Proc. 48, 1979 NCC, AFIPS Press (1979) pp.355–364.Google Scholar
  29. [RUSH83]
    Rushby J., and Randell B., ”A Distributed Secure System”, IEEE Computer 16:7 (July, 1983) pp.55–67.Google Scholar
  30. [SQL81]
    IBM Corporation, ”SQL/Data System: Application Programming”, SH24-5018 (1981).Google Scholar
  31. [STON76]
    Stonebraker M., Wong E., Krep P., and Held G., ”The Design and Implementation of INGRES”, ACM Trans. on Database Systems 1:3 (September, 1976).Google Scholar
  32. [TRUE83]
    Trueblood R.P, Hartson H.R., and Martin J.J., ”MULTISAFE — A Modular Multiprocessing Approach to Secure Database Management”, ACM Trans. on Database Systems 8:3 (September, 1983) pp.382–409.Google Scholar
  33. [VOYD83]
    Voydock V.L., and Kent S.T., ”Security Mechanisms in High-Level Network Protocols”, ACM Computing Surveys 15:2 (June, 1983) pp.135–171.CrossRefGoogle Scholar
  34. [WALK80]
    Walker B.J., Kemmerer R.A., and Popek G.J., ”Specification and Verification of the UCLA Unix Security Kernel”, Communications of the ACM 23:2 (February, 1980) pp.118–131.Google Scholar
  35. [WILL81]
    Williams R., Daniels D., Haas L.M., Lapis G., Lindsay B.G., Ng P., Obermark R., Selinger P.G., Walker A., Wilms P.F., Yost R.A., ”R*: An Overview of the Architecture”, in Improving Database Usability and Responsiveness, (P.Scheuermann, ed.), Academic Press (New York, 1982) pp.1–27.Google Scholar
  36. [WILM81]
    Wilms P.F. ”A Database Authorization Mechanism Supporting Individual and Group Authorization”, in Distributed Data Sharing Systems, (van de Riet and Litwin, Eds.), North-Holland Publishing Company (1982).Google Scholar
  37. [ZIMM80]
    Zimmermann H., ”OSI Reference Model — The ISO Model of Architecture for Open System Interconnection”, IEEE Trans. on Communications 28:4 (April, 1980) pp.425–432.Google Scholar

Copyright information

© Springer-Verlag 1988

Authors and Affiliations

  • E. Bertino
    • 1
  • L. M. Haas
    • 2
  1. 1.IEI-CNR PisaItaly
  2. 2.IBM Almaden Research CenterSan JoseUSA

Personalised recommendations