Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecturer : Assoc. Prof. Dang Tran Khah Presenter: Tran Thach Lam 1.

Published byShannon Preston Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecturer : Assoc. Prof. Dang Tran Khah Presenter: Tran Thach Lam 1."— Presentation transcript:

1 Lecturer : Assoc. Prof. Dang Tran Khah Presenter: Tran Thach Lam 1

2 Outline DDBMS System architecture Security policy Multilevel Data/Metadata Distribution Distributed Query Processing Transaction Management Some Issues 2

3 DDBMS A distributed database is a collection of data which is distributed over agerent computers of a computer network. Each site of the network has autonomous processing capability and can perform local applications. A distributed database management system supports the creation and maintenance of a distributed database 3

4 DDBMS 4

5 5

6 System Architecture 6

7 Secure distributed processor 7

8 Secure Policy An effective mandatory security policy for an MLS/DDBMS should ensure that users only acquire the information at or below their level Consists of a set of policies for mandatory security, discretionary security, integrity and authentication, 8

9 Security Policy Subjects are the active entities (such as processes) and objects are the passive entities(such as tuples or relations). Subjects and objects are assigned security levels. (unclassified < confidential < secret < top secret). A subject has read access to an object if the subject’s security level dominates the security level of the object. A subject has write access to an object if the subject’s security level is the security level of the object. A subject S1 can send a message to another subject S2 if the security level of S2 dominates. 9

10 Secure Policy 10

11 Secure Policy TCB : Trusted Computing Base The TCB hosts various trusted applications such as an MLS/DBMS and an SDP. Additional security policy extensions may be enforced by these applications depending on their designs. Two DMMs (DQPs, DTMs, DCPs) at different nodes can communicate with each other only if they both operate at the same level. Additional security policy cxtensions are enforced by certain modules of the SDP. 11

12 Multilevel Data/Metadata Distribution Local Data Distribution Distribution Across Sites Metadata Management Inference Problem 12

13 Local Data Distribution Multilevel relational data model that is used to represent the multilevel database at each local node. Each tuple is assigned a security level. 13

14 Distribution Across Sites Global multilevel relations could be totally or partially replicated across sites. The global relation is partitioned into horizontal subsets. The subsets could be stored across several sites. 14

15 Views 15

16 Metadata Management 16

17 Inference Problem Data mining, data warehouse. Now have sophisticated tools that they can employ to get data and deduce patterns that could be sensitive. Query processor of the MLS/DDBMS need examined and augmented with constraint processors 17

18 Distributed Query Processing Distributed Query Processor Strategies 18

19 Distributed Query Processor 19

20 Strategies 2 query-processing strategies for the join operation. Non-distributed join: Fragments of each relation at or below the user’s level are merged The lower-level polyinstantiated tuples are eliminated Join operation is performed. Distributed join: Join operations are performed between various fragments. The results of the individual join operations are merged. 20

21 Nondistributed join 21

22 Nondistributed join 22

23 Distributed join 23

24 Distributed join 24

25 Transaction Management Distributed Transaction Management Concurrency Control 25

26 Distributed Transaction Management 26

27 Distributed Transaction Management Policies : Each transaction is executed at the level of the user who requests the execution. A transaction does not change levels during its execution. Read /write into objects according to the mandatory security policy enforced by the system. 27

28 Concurrency Control Two techniques Locking Time stamping The techniques can actually handle any number of security levels. 28

29 Concurrency Control Locking: 2-phase locking : a transaction acquires all necessary locks first before releasing any. 2 types of lock : shared lock : read request exclusive lock: write request 29

30 Concurrency Control Time stamping: All transactions are given a time stamp when they begin. Data object : Read stamp & write stamp Transaction’s read request: time stamp > Obj write stamp Transaction’s write request: time stamp > Obj write & read stamp 30

31 Issue Covert channels : a Secret user’s query could have sensitive information that is sent to an Unclassified DBMS. Unclassified data is replicated at the St and TS databases, Secret data is replicated at the TS database. This way, a user’s query is sent only to the DBMS at the user’s level => Replicated approach 31

32 Other Issues Security constraints in a distributed environment Network security Issues for heterogeneous database systems Inference problem Database design 32

33 Type of Security Multilevel Security Discretionary Security 33

34 Discretionary Security Access control rules for specified type of access of user on data. An authenticator manage info of all users. Communicated each other. 34

35 Conclusion Idefined architecture for an MLS/DDBMS and discussed a security policy and multilevel data distribution issues. Issues on query processing, transaction management. Investigating issues on processing security constraints in a distributed environment, network security issues for an MLS/DDBMS, and security issues for heterogeneous database systems. => Forthcoming papers. 35

36 END 36

Download ppt "Lecturer : Assoc. Prof. Dang Tran Khah Presenter: Tran Thach Lam 1."

Similar presentations

Database Systems: Design, Implementation, and Management

Database Systems: Design, Implementation, and Management
Distributed Databases John Ortiz. Lecture 24Distributed Databases2  Distributed Database (DDB) is a collection of interrelated databases interconnected.

Distributed Databases John Ortiz. Lecture 24Distributed Databases2  Distributed Database (DDB) is a collection of interrelated databases interconnected.
Transaction.

Transaction.
Chapter 13 (Web): Distributed Databases

Chapter 13 (Web): Distributed Databases
DDBMS Security - Bakul Gada.

DDBMS Security - Bakul Gada.
1 Minggu 12, Pertemuan 23 Introduction to Distributed DBMS (Chapter 22.1-4, 22.6, 3rd ed.) Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.

1 Minggu 12, Pertemuan 23 Introduction to Distributed DBMS (Chapter , 22.6, 3rd ed.) Matakuliah: T0206-Sistem Basisdata Tahun: 2005 Versi: 1.0/0.0.
ABCSG - Distributed Database 1 Data Management Distributed Database Data Replication.

ABCSG - Distributed Database 1 Data Management Distributed Database Data Replication.
Distributed Database Management Systems

Distributed Database Management Systems
Distributed DBMSPage 5. 1 © 1998 M. Tamer Özsu & Patrick Valduriez Outline Introduction Background Distributed DBMS Architecture  Distributed Database.

Distributed DBMSPage 5. 1 © 1998 M. Tamer Özsu & Patrick Valduriez Outline Introduction Background Distributed DBMS Architecture  Distributed Database.
Overview Distributed vs. decentralized Why distributed databases

Overview Distributed vs. decentralized Why distributed databases
1 © Prentice Hall, 2002 Chapter 13: Distributed Databases Modern Database Management 6 th Edition Jeffrey A. Hoffer, Mary B. Prescott, Fred R. McFadden.

1 © Prentice Hall, 2002 Chapter 13: Distributed Databases Modern Database Management 6 th Edition Jeffrey A. Hoffer, Mary B. Prescott, Fred R. McFadden.
Distributed DBMSPage 5. 1 © 1998 M. Tamer Özsu & Patrick Valduriez Outline Introduction Background Distributed DBMS Architecture  Distributed Database.

Distributed DBMSPage 5. 1 © 1998 M. Tamer Özsu & Patrick Valduriez Outline Introduction Background Distributed DBMS Architecture  Distributed Database.
Definition of terms Definition of terms Explain business conditions driving distributed databases Explain business conditions driving distributed databases.

Definition of terms Definition of terms Explain business conditions driving distributed databases Explain business conditions driving distributed databases.
Distributed Databases

Distributed Databases
Distributed Databases and DBMSs: Concepts and Design

Distributed Databases and DBMSs: Concepts and Design
Secure Data Architectures

Secure Data Architectures
1 Distributed and Parallel Databases. 2 Distributed Databases Distributed Systems goal: –to offer local DB autonomy at geographically distributed locations.

1 Distributed and Parallel Databases. 2 Distributed Databases Distributed Systems goal: –to offer local DB autonomy at geographically distributed locations.
Database Design – Lecture 16

Database Design – Lecture 16
III. Current Trends: 1 - Distributed DBMSsSlide 1/32 III. Current Trends Part 1: Distributed DBMSs: Concepts and Design Lecture 12 (2 hours) Lecturer:

III. Current Trends: 1 - Distributed DBMSsSlide 1/32 III. Current Trends Part 1: Distributed DBMSs: Concepts and Design Lecture 12 (2 hours) Lecturer:
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #4 Multilevel Secure Database.

Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #4 Multilevel Secure Database.

Similar presentations

Ads by Google