Data and Applications Security Developments and Directions - PowerPoint PPT Presentation

1 / 20
About This Presentation
Title:

Data and Applications Security Developments and Directions

Description:

Overview of MLS/DBMS Designs (Concluded) ... MLS/DBMSs have been designed and developed for various kinds of database systems ... – PowerPoint PPT presentation

Number of Views:76
Avg rating:3.0/5.0
Slides: 21
Provided by: chrisc8
Category:

less

Transcript and Presenter's Notes

Title: Data and Applications Security Developments and Directions


1
Data and Applications Security Developments and
Directions
  • Dr. Bhavani Thuraisingham
  • The University of Texas at Dallas
  • Lecture 6
  • Multilevel Secure Database Management Systems -
    II
  • January 27, 2005

2
Outline
  • MLS/DBMS Designs and Prototypes
  • Challenges
  • Multilevel Secure Data Models
  • MLS/DBMS Functions
  • Directions

3
Overview of MLS/DBMS Designs
  • Hinke-Schaefer (SDC Corporation) Introduced
    operating system providing mandatory access
    control
  • Integrity Lock Prototypes Two Prototypes
    developed at MITRE using Ingres and Mistress
    relational database systems
  • SeaView Funded by Rome Air Development Center
    (RADC) (now Air Force Rome Laboratory) and used
    operating system providing mandatory access
    control and introduced polyinstation
  • Lock Data Views (LDV) Extended kernel approach
    developed by Honeywell and funded by RADC and
    investigated inference and aggregation

4
Overview of MLS/DBMS Designs (Concluded)
  • ASD, ASD-Views Developed by TRW based on the
    Trusted subject approach. ASD Views provided
    access control on views
  • SDDBMS Effort by Unisys funded by RADC and
    investigated the distributed approach
  • SINTRA Developed by Naval Research Laboratory
    based on the replicated distributed approach
  • SWORD Designed at the Defense Research Agency in
    the UK and there goal was not to have
    polyinstantiation

5
Some MLS/DBMS Commercial Products Developed
(late 1980s, early 1990s)
  • Oracle (Trusted ORACLE7 and beyond)
    Hinke-Schafer and Trusted Subject based
    architectures
  • Sybase (Secure SQL Server) Trusted subject
  • ARC Professional Services Group
    (TRUDATA/SQLSentry) Integrity Lock
  • Informix (Informix-On-LineSecure) Trusted
    Subject
  • Digital Equipment Corporation (SERdb) (this group
    is now part of Oracle Corp) Trusted Subject
  • InfoSystems Technology Inc. (Trusted RUBIX)
    Trusted Subject
  • Teradata (DBC/1012) Secure Database Machine
  • Ingres (Ingres Intelligent Database) Trusted
    Subject

6
Some Challenges Inference Problem
  • Inference is the process of forming conclusions
    from premises
  • If the conclusions are unauthorized, it becomes a
    problem
  • Inference problem in a multilevel environment
  • Aggregation problem is a special case of the
    inference problem - collections of data elements
    is Secret but the individual elements are
    Unclassified
  • Association problem attributes A and B taken
    together is Secret - individually they are
    Unclassified

7
Some Challenges Polyinstantiation
  • Mechanism to avoid certain signaling channels
  • Also supports cover stories
  • Example John and James have different salaries
    at different levels

8
Some Challenges Covert Channel
  • Database transactions manipulate data locks and
    covertly pass information
  • Two transactions T1 and T2 T1 operates at Secret
    level and T2 operates at Unclassified level
  • Relation R is classified at Unclassified level
  • T1 obtains read lock on R and T2 obtains write
    lock on R
  • T1 and T2 can manipulate when they request locks
    and signal one bit information for each attempt
    and over time T1 could covertly send sensitive
    information to T1

9
Multilevel Secure Data Model Classifying
Databases

10
Multilevel Secure Data Model Classifying
Relations

11
Multilevel Secure Data Model Classifying
Attributes/Columns


12
Multilevel Secure Data Model Classifying
Tuples/Rows

13
Multilevel Secure Data Model Classifying
Elements



14
Multilevel Secure Data Model Classifying Views




15
Multilevel Secure Data Model Classifying
Metadata





16
MLS/DBMS FunctionsOverview



17
MLS/DBMS FunctionsSecure Query Processing

18
MLS/DBMS FunctionsSecure Transaction Management


19
MLS/DBMS FunctionsSecure Integrity Management



20
Status and Directions
  • MLS/DBMSs have been designed and developed for
    various kinds of database systems including
    object systems, deductive systems and distributed
    systems
  • Provides an approach to host secure applications
  • Can use the principles to design privacy
    preserving database systems
  • Challenge is to host emerging secure applications
    including e-commerce and biometrics systems
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Data and Applications Security Developments and Directions" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!