1st Edition

Database and Applications Security
Integrating Information Security and Data Management




ISBN 9780849322242
Published May 26, 2005 by Auerbach Publications
656 Pages 50 B/W Illustrations

USD $150.00


Book Description

This is the first book to provide in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing.

Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging applications.

Table of Contents

Foreword

Preface

Acknowledgments

About the Author

Introduction

Trends

Supporting Technologies for Database and Applications Security

Discretionary Security in Database Systems

Multilevel Secure Data Management

Multilevel Secure Relational Data Models and Systems

Inference Problem

Secure Distributed Database Systems

Secure Object and Multimedia Data Systems

Data Warehousing, Data Mining, Security, and Privacy

Secure Web Information Management Technologies

Emerging Secure Information Management Technologies

Organization of This Book

Next Steps

PART I: SUPPORTING TECHNOLOGIES FOR DATABASE AND APPLICATIONS SECURITY

Data Management Technologies

Overview

Relational and Entity-Relationship Data Models

Overview

Relational Data Model

Entity-Relationship Data Model

Architectural Issues

Database Design

Database Administration

Database Management System Functions

Overview

Query Processing

Transaction Management

Storage Management

Metadata Management

Database Integrity

Fault Tolerance

Other Functions

Distributed Databases

Heterogeneous Database Integration

Federated Databases

Client/Server Databases

Migrating Legacy Databases and Applications

Data Warehousing

Data Mining

Impact of the Web

Object Technology

Overview

Object Data Model

Other Object Technologies

Other Database Systems

Summary and Directions

References

Exercises

Information Security

Overview

Access Control and Other Security Concepts

Secure Systems

Secure Operating Systems

Secure Database Systems

Secure Networks

Emerging Trends

Impact of the Web

Steps to Building Secure Systems

Summary and Directions

References

Exercises

Information Management Technologies

Overview

Information Retrieval Systems

Text Retrieval

Image Retrieval

Video Retrieval

Audio Retrieval

Multimedia Data and Information Management

Digital Libraries

Overview

Web Database Management

Markup Languages

Search Engines

Question-Answering Systems

Knowledge Management

Collaboration and Data Management

E-Commerce Technologies

Semantic Web Technologies

Wireless and Sensor Information Management

Real-Time Processing and Quality-of-Service Aspects

High-Performance Computing Technologies

Some Other Information Management Technologies

Overview

Visualization

Decision Support

Agents

Peer-to-Peer Data Management

Summary and Directions

References

Exercises

Conclusion to Part I

PART II: DISCRETIONARY SECURITY FOR DATABASE SYSTEMS

Security Policies

Overview

Access-Control Policies

Overview

Authorization Policies

Role-Based Access Control

Administration Policies

Identification and Authentication

Auditing a Database System

Views for Security

Summary and Directions

References

Exercises

Policy Enforcement and Related Issues

Overview

SQL Extensions for Security

Query Modification

Discretionary Security and Database Functions

Visualization of Policies

Prototypes and Products

Summary and Directions

References

Exercises

Conclusion to Part II

PART III: MANDATORY SECURITY FOR DATABASE SYSTEMS

Historical Developments

Overview

Early Efforts

Air Force Summer Study

Major Research and Development Efforts

Trusted Database Interpretation

Types of Multilevel Secure Database Systems

Overview

Relational Database Systems

Entity-Relationship Systems

Object Database Systems

Distributed and Heterogeneous Database Systems

Deductive Database Systems

Functional Database Systems

Parallel Database Systems

Real-Time Database Systems

Hard Problems

Emerging Technologies

Summary and Directions

References

Exercises

Design Principles

Overview

Mandatory Access Control

Overview

Mandatory Access-Control Policies

Security Architectures

Overview

Integrity Lock

Operating System Providing Access Control

Kernel Extensions Architecture

Trusted Subject Architecture

Distributed Architecture

Summary and Directions

References

Exercises

Conclusion to Part III

PART IV: MULTILEVEL SECURE RELATIONAL DATABASE SYSTEMS

Multilevel Relational Data Models

Overview

Granularity of Classification

Polyinstantiation

Toward Developing a Standard Multilevel Relational Data Model

Summary and Directions

References

Exercises

Security Impact on Database Functions

Overview

Query Processing

Transaction Processing

Storage Management

Metadata Management

Other Functions

Summary and Directions

References

Exercises

Prototypes and Products

Overview

Prototypes

Overview

Discussion of Prototypes

Hinke–Schaefer

Naval Surveillance Model

Integrity Lock Prototypes

SeaView

Lock Data Views

ASD and ASD-Views

SINTRA and SDDBMS

SWORD

Products

Overview

Discussion of Products

TRUDATA

Sybase Secure SQL Server

Trusted Oracle

Trusted Informix

Trusted Rubix

SERdb

Secure Teradata Machine

INGRES

Summary and Directions

References

Exercises

Conclusion to Part IV

PART V: THE INFERENCE PROBLEM

A Perspective of the Inference Problem

Overview

Statistical Database Inference

Discussion of Approaches for Handling Inference in a MLS/DBMS

Complexity of the Inference Problem

Summary and Directions

References

Exercises

Security-Constraint Processing for Inference Control

Overview

Background

Security Constraints

Simple Constraints

Content-Based Constraints

Association-Based Constraints (also Called Context or Together Constraints)

Event-Based Constraints

General Release-Based Constraints

Individual Release-Based Constraints

Aggregate Constraints

Logical Constraints

Constraints with Conditions

Other Constraints

Level-Based Constraints

Fuzzy Constraints

Complex Constraints

Approach to Security Constraint Processing

Consistency and Completeness of the Constraints

Algorithm A: Consistency and Completeness Checker

Design of the Query Processor

Security Policy

Functionality of the Query Processor

Query Modification

Response Processing

Design of the Update Processor

Security Policy

Functionality of the Update Processor

Handling Security Constraints During Database Design

Overview

Security Control Processing and Release Control

Summary and Directions

References

Exercises

Conceptual Structures for Inference Control

Overview

Semantic Nets and the Inference Problem

Overview

Multilevel Semantic Nets

Reasoning with Multilevel Semantic Nets

Implicit Information

Conditional Statements and Auxiliary Nets

Enforcing Security Constraints

Universal and Existential Conditionals

Semantics

Multilevel Worlds

Interpretations

Ground Vectors

Ground Conditionals

Universal Conditionals

Existential Conditionals

Refutations

Summary and Directions

References

Exercises

Conclusion to Part V

PART VI: SECURE DISTRIBUTED AND HETEROGENEOUS DATABASE SYSTEMS

Discretionary Security for Distributed Database Systems

Overview

Discretionary Security

Overview

Access-Control Policies

Distributed Access Control

Role-Based Access Control

Identification and Authentication

Auditing a Distributed Database System

Security Policy Integration

Query Modification

View Mechanism

SQL for Distributed Database Security

Security Impact on Distributed Database Functions

Security for Emerging Distributed System Technologies

Summary and Directions

References

Exercises

Multilevel Security for Distributed Database Systems

Overview

Background

Architectures

Distributed Data and Centralized Control

Distributed Data and Distributed Control

Data Modeling

Functions

Inference Problem for a MLS/DDBMS

Summary and Directions

References

Exercises

Secure Heterogeneous and Federated Database Systems

Overview

Background

Architectures

Schema Integration

Policy Integration

Functions

Inference Problem

Secure Client/Server Database Management

Secure Migration of Legacy Databases and Applications

Summary and Directions

References

Exercises

Conclusion to Part VI

PART VII: SECURE OBJECT AND MULTIMEDIA SYSTEMS

Discretionary and Multilevel Security for Object Database Systems

Overview

Discretionary Security

Overview

Policy Issues

Policy Enforcement

Example Systems

Overview

ORION

IRIS

STARBURST

GEMSTONE

Multilevel Security

Overview

Policy Issues

System Design Issues

Example Systems

Overview

SODA System

SORION Model

SO Model

Millen–Lunt Model

Jajodia–Kogan Model

Morgenstern’s Model

UFOS Model

Summary and Directions

References

Exercises

Aspects of Objects and Security

Overview

Security for Object Request Brokers

Overview

OMG Security Services

Secure Components and Frameworks

Object Modeling for Secure Applications

Overview

Multilevel OMT

UML and Security

Summary and Directions

References

Exercises

Secure Multimedia Data Management Systems

Overview

Security for Multimedia Data Management Systems

Overview

Security Policy

Secure System Architectures for Multimedia Database Systems

Secure Data Models for Multimedia Database Systems

Security Impact on Multimedia Data and Information Management Functions

Secure Distributed Multimedia Data Management

Inference Problem

Secure Geospatial Information Systems

Summary and Directions

References

Exercises

Conclusion to Part VII

PART VIII: DATA WAREHOUSING, DATA MINING, SECURITY, AND PRIVACY

Secure Data Warehousing

Overview

Background

Secure Information Technologies for Data Warehousing

Designing a Secure Data Warehouse

Data Quality and Data Warehousing

A Note on Multilevel Security

Secure Data Warehousing, Data Mining, and Decision Support

Summary and Directions

References

Exercises

Data Mining for Security Applications

Overview

Data Mining for National Security

Overview

Non-Information-Related Terrorism

Terrorist Attacks and External Threats

Insider Threats

Transportation and Border Security Violations

Data Mining for National Security Applications

Non-Real-Time Threats

Real-Time Threats

Analyzing the Techniques

Link Analysis

Data Mining for Cyber-Security

Overview

Cyber-Terrorism, Insider Threats, and External Attacks

Malicious Intrusions

Credit Card Fraud and Identity Theft

Attacks on Critical Infrastructure

Data Mining for Cyber-Security

Summary and Directions

References

Exercises

Privacy

Overview

Privacy Considerations

Data Warehousing, Data Mining, Security, and Privacy

Inference Problem and Privacy

Privacy-Enhanced/Sensitive/Preserving Data Mining

Confidentiality and Privacy

Civil Liberties and National Security

Federated Data Management, Data Sharing, and Privacy

Summary and Directions

References

Exercises

Conclusion to Part VIII

PART IX: SECURE WEB DATA AND INFORMATION MANAGEMENT TECHNOLOGIES

Secure Web Data Management and Digital Libraries

Overview

Threats to Web Security

Overview

General Cyber-Threats

Threats to Web Databases

Web Security Solutions

Overview

Solutions for General Threats

Securing Components and Firewalls

Cryptography

Risk Analysis

Biometrics, Forensics, and Other Solutions

Solutions for Threats to Web Databases

Data Mining

Constraint Processing

Role-Based Access Control

Fault-Tolerant Processing, Recovery, and Replication

Secure Digital Libraries

Overview

Secure Web Database Functions

Secure Information Retrieval

Secure Search Engines

Secure Markup Languages

Secure Question-Answering Systems

Summary and Directions

References

Exercises

Security for XML, RDF, and the Semantic Web

Overview

Security for the Semantic Web

Overview

XML Security

RDF Security

Secure Information Interoperability

Secure Query and Rules Processing for the Semantic Web

Trust for the Semantic Web

Access Control and Dissemination of XML Documents

Privacy and the Semantic Web

Overview

Data Mining, National Security, Privacy, and the Semantic Web

Solutions to the Privacy Problem

Secure Web Services

Secure Agents and Related Technologies

Secure Grid and Secure Semantic Grid

Security Impact on the Database as a Service Model

Summary and Directions

References

Exercises

Secure E-Commerce, Collaboration, and Knowledge Management

Overview

Secure E-Commerce

Secure Workflow and Collaboration

Secure Knowledge Management

Secure Peer-to-Peer Data Management

Secure Dynamic Coalitions and Virtual Organizations

Trust and Rights Management

Security Informatics

Summary and Directions

References

Exercises

Conclusion to Part IX

PART X: EMERGING SECURE DATA MANAGEMENT TECHNOLOGIES AND APPLICATIONS

Secure Dependable Data Management

Overview

Dependable Systems

Dependable Infrastructure and Data Management

Overview

Dependable Infrastructure

Dependable Data Managers

Security Issues

Data Quality

Overview

Developments in Data Quality

Annotations for Data Quality

Semantic Web and Data Quality

Data Mining and Data Quality

Security and Data Quality

Critical Infrastructure Protection

Summary and Directions

References

Exercises

Secure Sensor and Wireless Information Management

Overview

Security for Sensor Databases

Overview

Security Policy

Security Architectures

Security Impact on Sensor Database Functions

Secure Distributed Sensor Data Management

Inference Problem

Privacy Considerations

Secure Sensor Data Management Issues Unique to Sensor Networks

Overview

Strategic Path Reliability in Information-Gathering Sensor Networks

Handling Non-overlapping and Incomparable Security Levels

Security Architectural Impact on Sensor Networks

Handling Unique Constraints

Secure Wireless and Mobile Data Management

A Note on Secure Telecommunications Information Management

Security for Moving Databases

Summary and Directions

References

Exercises

Digital Identity, Forensics, and Related Topics

Overview

Digital Identity

Identity Theft Management

Biometrics

Digital Forensics

Steganography and Digital Watermarking

Risk and Economic Analysis

Other Secure Systems and Applications

The Role of Database and Applications Security for Homeland Security

Summary and Directions

References

Exercises

Conclusion to Part X

Summary and Directions

About This Chapter

Summary of This Book

Directions for Database and Applications Security

Where Do We Go from Here?

Appendices

A Data Management Systems: Developments and Trends

Overview

Developments in Database Systems

Status, Vision, and Issues

Data Management Systems Framework

Building Information Systems from the Framework

Relationship between the Texts

Summary

References

B Suggested Reading: Books in Database Systems and Information Security

Database Systems

Information and Database Security

Distributed Database Systems

Object Databases, Distributed Objects, and Object Modeling

Multimedia Databases

Intelligent and Deductive Database Systems

Data Warehousing and Mining

Digital Libraries, Web Database Management, and the Semantic Web

Knowledge Management

Sensor Networks and Sensor Information Management

Index


Author(s)

Biography

Thuraisingham, Bhavani

Reviews

". . . a very good starting point for someone who needs orientation in database security."

– Gottfried Vossen, in Zentralblatt Math, 2006, Vol. 1089, No. 15