1. Data and Applications Security Developments and Directions
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Lecture #10
Security for Distributed Data Management
February 10, 2005

2. Outline Distributed Database Systems
Architecture, Data Distribution, Functions
Security Issues
Discretionary Security, Multilevel Security
Comments
Assumption: Network is secure; focusing on securing the data

3. A Definition of a Distributed Database System
A collection of database systems connected via a network
The software that is responsible for interconnection is a Distributed Database Management System (DDBMS)
Each DBMS executes local applications and should be involved in at least one global application (Ceri and Pelagetti)
Homogeneous environment

4. Communication Network
Architecture
Communication Network
Distributed
Processor 1
DBMS 1
Data-
base 1
base 3
base 2
DBMS 2
DBMS 3
Processor 2
Processor 3
Site 1
Site 2
Site 3

5. Distributed Processor
Network Interface
Distributed
Query/Update
Processor
Distributed
Transaction
Manager
Distributed Metadata
Management
Integrity/
Security
Manager
Local DBMS Interface

6. Data Distribution S I T E 1 E M P 1 D E P T 1 S S # N a m e S a l a ry D # D # D n a m e M G R 1 J o h n 2 1 1 C . S c i . J a n e 2 P a u l 3 2 3 J a m e s 4 2 3 E n g l i s h D a v i d 4 J i l l 5 2 5 M a r y 6 1 4 F r e n c h P e t e r 6 J a n e 7 2 S I T E 2 E M P 2 D E P T 2 S S # N a m e S a l a r y D # D # D n a m e M G R 9 M a t h e w 7 5 5 M a t h J o h n 7 D a v i d 8 3 P h y s i c s P a u l 8 P e t e r 9 4 2

7. Distributed Database Functions
Distributed Query Processing
Optimization techniques across the databases
Distributed Transaction Management
Techniques for distributed concurrency control and recovery
Distributed Metadata Management
Techniques for managing the distributed metadata
Distributed Security/Integrity Maintenance
Techniques for processing integrity constraints and enforcing access control rules across the databases

8. Discretionary Security
Architecture
Discretionary Security Mechanisms
Access Control
Security Policy Integration
Views for Security
Secure Distributed Database Functions

9. Secure Distributed Database System
A collection of secure database systems (SDBMS) connected via a secure network
The software that is responsible for interconnection is a Secure Distributed Database Management System (SDDBMS)
Each SDBMS executes local applications and should be involved in at least one global application (Ceri and Pelagetti)
Homogeneous environment

10. Architecture

11. Discretionary Security Mechanism

12. Access Control Policies

13. Security Policy Integration

14. Views for Security

15. Secure Distributed Database Functions

16. Multilevel Security Aspects of MLS/DDBMS Architectures Data Model
Functions
Inference Control

17. Aspects of MLS/DDBMS

18. Architecture - I

19. Architecture - II

20. Architecture III

21. Modules if SDP (Secure Distributed Processor)
SDQP
SDTM
SDMM
SDSM
SDIM
DQP: Distributed Query Processor
DTM: Distributed Transaction
Mangier
DMM: Distributed Metadata Manager
DSML Distributed Security Manager
DIM: Distributed Integrity Manager

22. Multilevel Distributed Data Model

23. MLS/DDBMS Functions

24. Distributed Inference Controller

25. Discretionary Security Mechanism

26. Comments
Techniques for centralize data management have to be extended for a distributed environment
Access control enforced across databases
Inference control across databases
Web will continue to impact the development of secure distributed data managers
Network security is critical