Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Science CSC 405 Introduction to Computer Security Topic 6.2 Multi-Level Databases.

Published byVanessa Hudson Modified over 9 years ago

Similar presentations

Presentation on theme: "Computer Science CSC 405 Introduction to Computer Security Topic 6.2 Multi-Level Databases."— Presentation transcript:

1 Computer Science CSC 405 Introduction to Computer Security Topic 6.2 Multi-Level Databases

2 Computer Science MAC in DBMS Attribute values and tuples are considered as objects –Each attribute A is associated with a classification attribute C (the label) –In some models, a tuple classification attribute TC is added to the relation –Example: Employee (SSN, Name,Salary, Performance)  Employee (SSN, C SSN, Name, C Name, Salary, C Salary, Performance, C Performance, TC) Such a relation is called a multi-level relation

3 Computer Science SSN C S Name C N Salary C S Performance C P TC 111111111 USmith U40000 CFair SS 222222222 CBrown C80000 SGood CS Employee SSN C S Name C N Salary C S Performance C P TC 111111111 USmith U40000 CNull CC 222222222 CBrown CNull CGood CC Employee (What class C users’ see) SCUSCU SSN C S Name C N Salary C S Performance C P TC 111111111 USmith UNull U U Employee (What class U users’ see)

4 Computer Science MAC in DBMS (Cont’d) Employee (SSN, C SSN, Name, C Name, BDate, C BDate, Salary, C Salary, TC) Primary key: –The set of attributes that can uniquely identify each tuple. Apparent key: –The set of attributes that would have formed the primary key in a regular (single-level) relation.

5 Computer Science Polyinstantiation Several tuples can have the same apparent key value but have different attribute values for users at different classification levels. ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager UExplore UMoon CC Enterprise CExplore CMars SS Mission

6 Computer Science Is this possible? What could be the real key? ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager UExplore UMoon CC Enterprise CExplore CMars SS Mission

7 Computer Science What if? What could be the real key? Mission ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager Uexplore CMars SS Voyager UExplore UMoon CC Enterprise CExplore CMars SS

8 Computer Science UPDATE Mission SET Mission = ‘Explore’, Target = ‘Moon’ WHERE ShipID = ‘Voyager’ Class C user: ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Enterprise CExplore CMars SS Mission ShipID C S Mission C M Target C T TC Voyager UNull C C Enterprise CExplore CNull CC Class C user sees

9 Computer Science After Update Mission What should be returned to a class C user? How about a class S user? What is the general method? ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Enterprise CExplore CMars SS

10 Computer Science Mission ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager UAttack CMars SS Voyager UExplore UMoon CC Enterprise CExplore CMars SS What to return to Class C user?

11 Computer Science Mission ShipID C S Mission C M Target C T TC Voyager UAttack SMars SS Voyager UAttack CMars SS Voyager UExplore SMoon CS Enterprise CExplore CMars SS What to return to Class C user?

12 Computer Science Integrity Constraints for Multi-level relations Entity integrity –All attributes that are members of the apparent key must not be null and must have the same security class. –All other attribute values in the tuple must have a security class greater than or equal to that of the apparent key –Purpose: make the retrieved information meaningful. Null integrity –If a tuple value at some security level can be derived from a higher-level tuple, then it’s sufficient to store the higher- level tuple. –Purpose: Reduce redundancy

13 Computer Science Approaches to Multi-level Databases Partitioning Encryption Integrity lock Trusted Front-End Distributed Databases

14 Computer Science Partitioning Separate data in different levels into different partitions. –Redundancy Example: the primary key of a logical relation must be duplicated in all partitions in which the relation are stored. –Usability Example: a high-level user needs to combine both high- level and low-level data.

15 Computer Science Encryption Encrypt the sensitive data at each level with a key unique to that level. –Known plaintext attack Example: –Party attribute is encrypted. –Alice knows party=“Democrat” for Bob; she can compare the ciphertext of Bob’s party attribute with other tuples Reason: Limited set of plaintexts. –Authentication Example: –Replace one ciphertext with another –Above problems can be partially avoided with multiple keys. –Unable to use DBMS functionalities for encrypted data. Query optimization, indexes, etc.

16 Computer Science Secret AgentTS10FB Data Security classCrypto checksum Any unauthorized changes to data items can be detected. Access to data items is based on the security labels. Encryption Function Key Integrity Lock Provide integrity and limited access for a database.

17 Computer Science Integrity Lock DBMS Problems –Efficiency Data expansion Processing time required for generating, modifying, and verifying integrity locks –Security Untrusted DBMS sees all data passing through it. Untrusted DBMS Trusted Access Controller Sensitive Database Users

18 Computer Science Trusted Front End –User authentication –Access control –Verification –Essentially a reference monitor Untrusted DBMS Trusted Access Controller Sensitive Database Users Trusted Front End

19 Computer Science Trusted Front End (Cont’d) Commutative Filters –Processes that interfaces to both the user and the DBMS. –Reformat the query by putting in more conditions to filter out unnecessary records. –Example: Retrieve NAME where ((Occup= Physicist) ^ (City =WashDC)) From all records R After reformatting Retrieve NAME where ((Occup= Physicist) ^ (City =WashDC)) From all records R where (Name-level (R) <= User-level) ^ (Occup-level (R) <= User-level) ^ (City-level (R) <= User-level)

20 Computer Science Distributed Databases Store data items at different level in different physical databases Trusted front-end translates each query into single-level queries and send to different databases Trusted front-end combines results and returns to the user. High-level Untrusted DBMS Users Trusted Front End Low-level Untrusted DBMS

Download ppt "Computer Science CSC 405 Introduction to Computer Security Topic 6.2 Multi-Level Databases."

Similar presentations

Rasool Jalili; 2 nd semester 1387-1388; Database Security, Sharif Uni. of Tech. The Jajodia & Sandhu model Jajodia & Sandhu (1991), a model for the application.

Rasool Jalili; 2 nd semester ; Database Security, Sharif Uni. of Tech. The Jajodia & Sandhu model Jajodia & Sandhu (1991), a model for the application.
Information Security Principles & Applications

Information Security Principles & Applications
Database Systems: A Practical Approach to Design, Implementation and Management International Computer Science S. Carolyn Begg, Thomas Connolly Lecture.

Database Systems: A Practical Approach to Design, Implementation and Management International Computer Science S. Carolyn Begg, Thomas Connolly Lecture.
Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.

Security in Databases. 2 Srini & Nandita (CSE2500)DB Security Outline review of databases reliability & integrity protection of sensitive data protection.
Physical Database Monitoring and Tuning the Operational System.

Physical Database Monitoring and Tuning the Operational System.
Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.

Security in Databases. 2 Outline review of databases reliability & integrity protection of sensitive data protection against inference multi-level security.
Chapter 4 Relational Databases Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 4-1.

Chapter 4 Relational Databases Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 4-1.
CSC 2720 Building Web Applications Database and SQL.

CSC 2720 Building Web Applications Database and SQL.
Last time Finish OTR Database Security Introduction to Databases

Last time Finish OTR Database Security Introduction to Databases
Chapter 17 Methodology – Physical Database Design for Relational Databases Transparencies © Pearson Education Limited 1995, 2005.

Chapter 17 Methodology – Physical Database Design for Relational Databases Transparencies © Pearson Education Limited 1995, 2005.
Chapter 4 Relational Databases Copyright © 2012 Pearson Education 4-1.

Chapter 4 Relational Databases Copyright © 2012 Pearson Education 4-1.
Team Dosen UMN Physical DB Design Connolly Book Chapter 18.

Team Dosen UMN Physical DB Design Connolly Book Chapter 18.
SE571 Security in Computing

SE571 Security in Computing
IST 210 1 Databases and DBMSs Todd S. Bacastow January 2005.

IST Databases and DBMSs Todd S. Bacastow January 2005.
Introduction to Data bases concepts

Introduction to Data bases concepts
Secure Data Architectures

Secure Data Architectures
IT 221: Introduction to Information Security Principles Lecture 11: Database Security For Educational Purposes Only Revised: November 13, 2002.

IT 221: Introduction to Information Security Principles Lecture 11: Database Security For Educational Purposes Only Revised: November 13, 2002.
CS462: Introduction to Database Systems. ©Silberschatz, Korth and Sudarshan1.2Database System Concepts Course Information Instructor  Kyoung-Don (KD)

CS462: Introduction to Database Systems. ©Silberschatz, Korth and Sudarshan1.2Database System Concepts Course Information Instructor  Kyoung-Don (KD)
CSC271 Database Systems Lecture # 6. Summary: Previous Lecture  Relational model terminology  Mathematical relations  Database relations  Properties.

CSC271 Database Systems Lecture # 6. Summary: Previous Lecture  Relational model terminology  Mathematical relations  Database relations  Properties.
Lecture 2 The Relational Model. Objectives Terminology of relational model. How tables are used to represent data. Connection between mathematical relations.

Lecture 2 The Relational Model. Objectives Terminology of relational model. How tables are used to represent data. Connection between mathematical relations.

Similar presentations

Ads by Google