Multilevel Security for Relational Databases

1st Edition

By Osama S. Faragallah, El-Sayed M. El-Rabaie, Fathi E. Abd El-Samie, Ahmed I. Sallam, Hala S. El-Sayed

Auerbach Publications

304 pages | 76 B/W Illus.

Purchasing Options: $ = USD
New in Paperback: 9781138374904
pub: 2018-09-18
$71.00
Hardback: 9781482205398
pub: 2014-12-04
$86.95
eBook (VitalSource): 9780429090547
pub: 2014-12-04
from $43.48

Description

Since databases are the primary repositories of information for today’s organizations and governments, database security has become critically important. Introducing the concept of multilevel security in relational databases, this book provides a comparative study of the various models that support multilevel security policies in the relational database—illustrating the strengths and weaknesses of each model.

Multilevel Security for Relational Databases covers multilevel database security concepts along with many other multilevel database security models and techniques. It presents a prototype that readers can implement as a tool for conducting performance evaluations to compare multilevel secure database models.

The book supplies a complete view of an encryption-based multilevel security database model that integrates multilevel security for the relational database with a system that encrypts each record with an encryption key according to its security class level. This model will help you utilize an encryption system as a second security layer over the multilevel security layer for the database, reduce the multilevel database size, and improve the response time of data retrieval from the multilevel database.

Considering instance-based multilevel database security, the book covers relational database access controls and examines concurrency control in multilevel database security systems. It includes database encryption algorithms, simulation programs, and Visual Studio and Microsoft SQL Server code.

Table of Contents

Concepts of Database Security

Database Concepts

Relational Database Security Concepts

Access Control in Relational Databases

Discretionary Access Control

Mandatory Access Control

Role-Based Access Control

Work Objectives

Book Organization

Basic Concept of Multilevel Database Security

Introduction

Multilevel Database Relations

Polyinstantiation

Invisible Polyinstantiation

Visible Polyinstantiation

Types of Polyinstantiation

Architectural Considerations in Supporting Polyinstantiation

Multilevel Database Security Models

SeaView Model

Jajodia–Sandhu Model

Smith–Winslett Model

MLR Model

Belief-Consistent Multilevel Secure Data Model

Performance Study

Experimental Database Structure

Impact of Varying the Number of Tuples

Impact of Varying the Number of Attributes

Impact of Varying the Number of Security Levels

Analysis of Experimental Results

Summary

Implementation of MLS/DBMS Models

Introduction

SeaView Model

Selected Operation Procedure

Insert Operation Procedure

Update Operation Procedure

Delete Operation Procedure

Jajodia–Sandhu Model

Select Operation Procedure

Insert Operation Procedure

Update Operation Procedure

Delete Operation Procedure

Smith–Winslett Model

Select Operation Procedure

Insert Operation Procedure

Update Operation Procedure

Delete Operation Procedure

Multilevel Relational (MLR) Model

Select Operation Procedure

Insert Operation Procedure

Update Operation Procedure

Delete Operation Procedure

Uplevel Operation Procedure

Belief-Consistent Multilevel Secure Relational Data Model

Basic Procedures for Operations

Xview (Label) Procedure

Pl (Label) Procedure

Sl (Label) Procedure

Ib (Label) Procedure

Select Operation Procedure

Insert Operation Procedure

Verify Operation Procedure

Update Operation Procedure

Delete Operation Procedure

Comparative Study for Multilevel Database Models

Summary

Fundamentals of Information Encryption

Introduction

Basic Concepts of Cryptography

Goals of Cryptography

Principles of Encryption

Classification of Encryption Algorithms

Classification according to Encryption Structure

Classification according to Keys

Classification according to Percentage of Encrypted Data

Cryptanalysis

Conventional Symmetric Block Ciphers

Data Encryption Standard (DES)

Double DES

Triple DES

International Data Encryption Algorithm (IDEA)

Blowfish

RC5 Algorithm

RC5 Encryption Algorithm

RC5 Decryption Algorithm

RC5 Key Expansion

RC6 Algorithm

RC6 Encryption Algorithm

RC6 Decryption Algorithm

The Advanced Encryption Standard (AES)

Modes of Operation

The ECB Mode

The CBC Mode

The CFB Mode

The OFB Mode

Encryption-Based Multilevel Model for DBMS

Introduction

The Encryption-Based Multilevel Database Model

Manipulation

The INSERT Statement

The DELETE Statement

The SELECT Statement

The UPDATE Statement

The UPLEVEL Statement

Performance Study

Experimental Database Structure

SELECT Query

Impact of Varying the Number of Tuples

Impact of Varying the Number of Attributes

Impact of Varying the Number of Security Levels

JOIN Query

Impact of Varying the Number of Tuples

Impact of Varying the Number of Attributes

Impact of Varying the Number of Security Levels

UPDATE Query

Analysis of Experimental Results

Summary

Formal Analysis for Encryption-Based Multilevel Model for DBMS

Introduction

The Encryption-Based Multilevel Model for DBMS Definition

MLR Model Definition

Encryption-Based Multilevel Model for DBMS Definition

Integrity Properties

Entity Integrity

Polyinstantiation Integrity

Data-Borrow Integrity

Foreign Key Integrity

Referential Integrity

Manipulation

The INSERT Statement

The DELETE Statement

The SELECT Statement

The UPDATE Statement

The UPLEVEL Statement

Soundness

Case 1: In the INSERT Operation

Case 2: In the DELETE Operation

Case 3: In the UPDATE Operation

Case 4: In the UPLEVEL Operation

Completeness

Security

Summary

Concurrency Control in Multilevel Relational Databases

Introduction

Related Work

Enhanced Secure Multiversion Concurrency Control Model

Performance Evaluation

Workload Model

System Model

Experiments and Results

Correctness of the Enhanced Secure Multiversion Concurrency Control Model

Proof of Correctness

Summary

The Instance-Based Multilevel Security Model

Introduction

The Instance-Based Multilevel Security Model (IBMSM)

Definition 1: The Property View

Definition 2: The Class View

Definition 3: The Instance View at Classification Level Lj

The Advantages of IBMSM

The Select Operation Procedure of the IBMSM

Insert Operation Procedure of the IBMSM

The Update Operation Procedure of the IBMSM

The Delete Operation Procedure of the IBMSM

Comparative Study for Polyinstantiation Models

Summary

The Source Code

Introduction

Screen Shots of the Prototype

Source Code of the Microsoft SQL Server

Source Code of the Data Security Classification Level Tables

Source Code of the User Security Classification Levels

Source Code of the Modifications to the Base Table

Source Code of the View for Each Model of the Multilevel Relational Database Models

Source Code of the Microsoft Visual Studio C#

Source Code of the Classes

Source Code of the Login Form

Source Code of the Queries Form

Source Code of the Query Form

Source Code of the Concurrency Control Form

References

Index

About the Authors

Osama S. Faragallah received a B.Sc. (Hons.), M.Sc., and Ph.D. in computer science and engineering from Menoufia University, Egypt, in 1997, 2002, and 2007, respectively. He is currently an associate professor in the Department of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University. He was a demonstrator from 1997 to 2002 and an assistant lecturer from 2002 to 2007. Since 2007 he has been a member of the teaching staff of the Department of Computer Science and Engineering at Menoufia University. He is the co-author of about 100 papers in international journals, conference proceedings, and two textbooks. His current research interests include network security, cryptography, Internet security, multimedia security, image encryption, watermarking, steganography, data hiding, medical image processing, and chaos theory.

El-Sayed M. El-Rabaie (SM’92) was born in Sires Elian, Egypt, in 1953. He received a B.Sc. (Hons.) in radio communications from Tanta University, Tanta, Egypt in 1976, an M.Sc. in communication systems from Menoufia University, Menouf, Egypt in 1981, and a Ph.D. in microwave device engineering from Queen’s University of Belfast, Belfast, U.K. in 1986. Until 1989, Dr. El-Rabaie was a postdoctoral fellow in the Department of Electronic Engineering, Queen’s University of Belfast. He was invited to become a research fellow in the College of Engineering and Technology, Northern Arizona University, Flagstaff in 1992, and a visiting professor at the Ecole Polytechnique de Montreal, Montreal, QC, Canada in 1994. He has authored and co-authored more than 180 papers and 18 textbooks. He was awarded the Salah Amer Award of Electronics in 1993 and the Best (CAD) Researcher from Menoufia University in 1995. He acts as a reviewer and member of the editorial board for several scientific journals.

Professor El-Rabaie was the head of the Electronic and Communication Engineering Department at Menoufia University, and later the vice dean of postgraduate studies and research. Dr. El-Rabaie’s research interests include CAD of nonlinear microwave circuits, nanotechnology, digital communication systems, and digital image processing. He is a member of the National Electronic and Communication Engineering Promotion Committee and a reviewer of quality assurance and accreditation of Egyptian higher education.

Fathi E. Abd El-Samie received his B.Sc. (Hons.), M.Sc., and Ph.D. from Menoufia University, Menouf, Egypt, in 1998, 2001, and 2005, respectively. Since 2005, he has been a member of the teaching staff in the Department of Electronics and Electrical Communications, Faculty of Electronic Engineering, Menoufia University. He is currently a researcher at KACST-TIC in radio frequency and photonics for the e-Society (RFTONICs). He is a co-author of about 200 papers in international conference proceedings and journals, and 4 textbooks. His current research interests include image enhancement, image restoration, image interpolation, super-resolution reconstruction of images, data hiding, multimedia communications, medical image processing, optical signal processing, and digital communications.

In 2008, Dr. Abd El-Samie was the recipient of the Most Cited Paper Award from the journal Digital Signal Processing.

Ahmed I. Sallam was born in Tanta, Al Gharbia, Egypt in 1982. He received a B.Sc. (Hons.) in computer science and engineering from Al Azhar University, Faculty of Engineering, in 2005 and an M.Sc. in computer science and engineering from Menoufia University, Faculty of Electronic Engineering, Egypt in 2012. He is a senior software engineer at Qarun Petroleum Company. His research interests include database, database security, cryptography, multimedia security, and image encryption.

Hala S. El-Sayed received her B.Sc. (Hons.), M.Sc., and Ph.D. in electrical engineering from Menoufia University, Shebin El-kom, Egypt, in 2000, 2004, and 2010, respectively. She is currently an assistant professor in the Department of Electrical Engineering, Faculty of Engineering, Menoufia University. She was a demonstrator from 2002 to 2004 and an assistant lecturer from 2004 to 2010. Since 2010, she has been a member of the teaching staff in the Department of Electrical Engineering, Faculty of Engineering, Menoufia University. Her research interests are database security, network security, data hiding, image encryption, signal processing, wireless sensor networks, robotics, secure building automation systems, and biometrics.

Subject Categories

BISAC Subject Codes/Headings:
COM021000
COMPUTERS / Database Management / General
COM051230
COMPUTERS / Software Development & Engineering / General
COM053000
COMPUTERS / Security / General