Lecturer: Assoc. Prof. Dang Tran Khah
Presenter: Tran Thach Lam
Outline
- DDBMS
- System architecture
- Security policy
- Multilevel Data/Metadata Distribution
- Distributed Query Processing
- Transaction Management
- Some Issues
DDBMS
- A distributed database is a collection of data which is distributed over different computers of a computer network.
- Each site of the network has autonomous processing capability and can perform local applications.
- A distributed database management system supports the creation and maintenance of a distributed database.
System Architecture
Secure distributed processor
Secure Policy
- An effective mandatory security policy for an MLS/DDBMS should ensure that users only acquire the information at or below their level.
- Consists of a set of policies for mandatory security, discretionary security, integrity and authentication.
Security Policy
- Subjects are the active entities (such as processes) and objects are the passive entities (such as tuples or relations).
- Subjects and objects are assigned security levels (unclassified < confidential < secret < top secret).
- A subject has read access to an object if the subject’s security level dominates the security level of the object.
- A subject has write access to an object if the subject’s security level is the security level of the object.
- A subject S1 can send a message to another subject S2 if the security level of S2 dominates.
Secure Policy
- TCB: Trusted Computing Base.
- The TCB hosts various trusted applications such as an MLS/DBMS and an SDP.
- Additional security policy extensions may be enforced by these applications depending on their designs.
- Two DMMs (DQPs, DTMs, DCPs) at different nodes can communicate with each other only if they both operate at the same level.
- Additional security policy extensions are enforced by certain modules of the SDP.
Multilevel Data/Metadata Distribution
- Local Data Distribution
- Distribution Across Sites
- Metadata Management
- Inference Problem
Local Data Distribution
- A multilevel relational data model is used to represent the multilevel database at each local node.
- Each tuple is assigned a security level.
Distribution Across Sites
- Global multilevel relations could be totally or partially replicated across sites.
- The global relation is partitioned into horizontal subsets.
- The subsets could be stored across several sites.
Views
Metadata Management
Inference Problem
- Data mining, data warehouse.
- Users now have sophisticated tools that they can employ to get data and deduce patterns that could be sensitive.
- The query processor of the MLS/DDBMS needs to be examined and augmented with constraint processors.
Distributed Query Processing
- Distributed Query Processor
- Strategies
Distributed Query Processor
Strategies
Two query-processing strategies for the join operation.
- Non-distributed join:
  - Fragments of each relation at or below the user’s level are merged.
  - The lower-level polyinstantiated tuples are eliminated.
  - The join operation is performed.
- Distributed join:
  - Join operations are performed between various fragments.
  - The results of the individual join operations are merged.
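The three steps of the non-distributed join, combined with the read rule from the Security Policy slide, as an added example that is not part of the original slides. The EMP/DEPT relations, their rows, the function names and the choice to label a result row with the higher of the two joined levels are assumptions made for illustration.

```python
# Added example: constructed data and hypothetical names, not taken from the slides.
LEVELS = {"U": 0, "C": 1, "S": 2, "TS": 3}  # unclassified < confidential < secret < top secret

# Horizontal fragments of EMP(ssn, name, dno) and DEPT(dno, dname), one list per site.
EMP = [
    [{"ssn": 1, "name": "Ann", "dno": 10, "level": "U"},   # lower-level version of ssn 1
     {"ssn": 2, "name": "Bob", "dno": 10, "level": "U"}],
    [{"ssn": 1, "name": "Ann", "dno": 20, "level": "S"},   # polyinstantiated: same key, higher level
     {"ssn": 3, "name": "Cy", "dno": 20, "level": "S"}],
]
DEPT = [
    [{"dno": 10, "dname": "Sales", "level": "U"}],
    [{"dno": 20, "dname": "Crypto", "level": "S"}],
]

def merge_fragments(fragments, user_level):
    """Step 1: merge the tuples from all fragments that are at or below the user's level."""
    return [t for frag in fragments for t in frag
            if LEVELS[t["level"]] <= LEVELS[user_level]]

def drop_lower_polyinstantiated(tuples, key):
    """Step 2: among tuples sharing a primary key, keep only the highest-level one."""
    best = {}
    for t in tuples:
        seen = best.get(t[key])
        if seen is None or LEVELS[t["level"]] > LEVELS[seen["level"]]:
            best[t[key]] = t
    return list(best.values())

def nondistributed_join(user_level):
    """Step 3: join EMP and DEPT on dno (assumption: a row takes the higher of the two levels)."""
    emp = drop_lower_polyinstantiated(merge_fragments(EMP, user_level), "ssn")
    dept = drop_lower_polyinstantiated(merge_fragments(DEPT, user_level), "dno")
    rows = []
    for e in emp:
        for d in dept:
            if e["dno"] == d["dno"]:
                level = max(e["level"], d["level"], key=LEVELS.get)
                rows.append((e["name"], d["dname"], level))
    return rows

if __name__ == "__main__":
    for lvl in ("U", "S"):
        print(lvl, nondistributed_join(lvl))
```

An Unclassified user sees Ann in Sales; a Secret user sees Ann once, in the Secret-level department, because the Unclassified version of her tuple is eliminated before the join.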
Nondistributed join
Distributed join
Transaction Management
- Distributed Transaction Management
- Concurrency Control
Distributed Transaction Management
Policies:
- Each transaction is executed at the level of the user who requests the execution.
- A transaction does not change levels during its execution.
- A transaction reads and writes objects according to the mandatory security policy enforced by the system.
Concurrency Control
- Two techniques:
  - Locking
  - Time stamping
- The techniques can actually handle any number of security levels.
Concurrency Control
- Locking: 2-phase locking: a transaction acquires all necessary locks first before releasing any.
- 2 types of lock:
  - shared lock: read request
  - exclusive lock: write request
Concurrency Control
- Time stamping: all transactions are given a time stamp when they begin.
- Data object: read stamp & write stamp.
- Transaction’s read request: time stamp > object's write stamp.
- Transaction’s write request: time stamp > object's write & read stamps.
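The read and write checks from the time stamping slide, run over a short constructed schedule, as an added example that is not part of the original slides. The class and function names are hypothetical; updating the stamps after a granted request and aborting a refused one follow standard basic timestamp ordering and are assumed here, since the slide states only the comparisons.

```python
# Added example: hypothetical names; stamp updates and aborts follow basic timestamp ordering.
class Abort(Exception):
    """The request arrived too late; the transaction has to restart with a new time stamp."""

class DataObject:
    def __init__(self, value=None):
        self.value = value
        self.read_stamp = 0    # largest time stamp of any transaction that read the object
        self.write_stamp = 0   # time stamp of the transaction that last wrote the object

class Scheduler:
    def __init__(self):
        self.clock = 0
        self.objects = {}

    def begin(self):
        """A transaction is given its time stamp when it begins."""
        self.clock += 1
        return self.clock

    def read(self, ts, name):
        obj = self.objects.setdefault(name, DataObject())
        # Time stamps are unique, so ts == stamp only for the transaction's own
        # earlier access; allowing that case is an assumption of this example.
        if ts < obj.write_stamp:
            raise Abort(f"T{ts} read {name}: already written by T{obj.write_stamp}")
        obj.read_stamp = max(obj.read_stamp, ts)
        return obj.value

    def write(self, ts, name, value):
        obj = self.objects.setdefault(name, DataObject())
        if ts < obj.write_stamp or ts < obj.read_stamp:
            raise Abort(f"T{ts} write {name}: a newer access is already recorded")
        obj.value, obj.write_stamp = value, ts

def run_schedule():
    """Constructed schedule on one object; returns the outcome of each request in order."""
    s, log = Scheduler(), []
    t1, t2, t3 = s.begin(), s.begin(), s.begin()
    steps = [("w", t2, "v2"), ("r", t1, None), ("r", t3, None),
             ("w", t2, "v2b"), ("w", t3, "v3")]
    for op, ts, val in steps:
        try:
            res = s.read(ts, "x") if op == "r" else s.write(ts, "x", val)
            log.append((op, ts, "ok", res))
        except Abort:
            log.append((op, ts, "abort", None))
    return log
```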
Issue
- Covert channels: a Secret user’s query could have sensitive information that is sent to an Unclassified DBMS.
- Unclassified data is replicated at the S and TS databases; Secret data is replicated at the TS database.
- This way, a user’s query is sent only to the DBMS at the user’s level => Replicated approach.
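The covert-channel issue and the replicated approach side by side, as an added example that is not part of the original slides. It compares which databases receive a Secret user's query when data is not replicated and when lower-level data is copied upward; the class names, rows and query text are constructed for illustration.

```python
# Added example: constructed rows and hypothetical class names, not taken from the slides.
ORDER = ["U", "S", "TS"]  # the three databases named on the slide, lowest level first

class Site:
    """One single-level DBMS; `seen` records the text of every query it receives."""
    def __init__(self):
        self.rows, self.seen = [], []

    def run(self, text, pred):
        self.seen.append(text)
        return [r for r in self.rows if pred(r)]

class Partitioned:
    """No replication: each row is stored only in the database of its own level."""
    def __init__(self):
        self.sites = {lvl: Site() for lvl in ORDER}

    def insert(self, level, row):
        self.sites[level].rows.append(row)

    def query(self, user_level, text, pred):
        # The query must visit every database at or below the user's level,
        # so a Secret user's query text reaches the Unclassified DBMS.
        out = []
        for lvl in ORDER[:ORDER.index(user_level) + 1]:
            out += self.sites[lvl].run(text, pred)
        return out

class Replicated(Partitioned):
    """Replicated approach: lower-level rows are copied into every higher-level database."""
    def insert(self, level, row):
        for lvl in ORDER[ORDER.index(level):]:
            self.sites[lvl].rows.append(row)

    def query(self, user_level, text, pred):
        return self.sites[user_level].run(text, pred)  # only the DBMS at the user's level

def secret_query(store):
    """Load constructed rows, run one Secret-level query, report what the U DBMS saw."""
    store.insert("U", {"ship": "Kestrel", "port": "Alpha"})
    store.insert("S", {"ship": "Kestrel", "cargo": "restricted"})
    store.insert("TS", {"ship": "Kestrel", "mission": "withheld"})
    text = "SELECT * FROM ships WHERE ship = 'Kestrel'"
    rows = store.query("S", text, lambda r: r["ship"] == "Kestrel")
    return rows, store.sites["U"].seen
```

Both stores return the same two rows to the Secret user, but only the partitioned store lets the Unclassified DBMS see the query text.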
Other Issues
- Security constraints in a distributed environment
- Network security
- Issues for heterogeneous database systems
- Inference problem
- Database design
Type of Security
- Multilevel Security
- Discretionary Security
Discretionary Security
- Access control rules for specified types of access of users on data.
- An authenticator manages information on all users.
- Communicate with each other.
Conclusion
- Defined an architecture for an MLS/DDBMS and discussed a security policy and multilevel data distribution issues.
- Issues on query processing, transaction management.
- Investigating issues on processing security constraints in a distributed environment, network security issues for an MLS/DDBMS, and security issues for heterogeneous database systems => forthcoming papers.
END