260 likes | 415 Views
Data and Applications Security Developments and Directions. Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #10 Security for Distributed Data Management February 10, 2005. Outline. Distributed Database Systems Architecture, Data Distribution, Functions Security Issues
E N D
Data and Applications Security Developments and Directions Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #10 Security for Distributed Data Management February 10, 2005
Outline • Distributed Database Systems • Architecture, Data Distribution, Functions • Security Issues • Discretionary Security, Multilevel Security • Comments • Assumption: Network is secure; focusing on securing the data
A Definition of a Distributed Database System • A collection of database systems connected via a network • The software that is responsible for interconnection is a Distributed Database Management System (DDBMS) • Each DBMS executes local applications and should be involved in at least one global application (Ceri and Pelagetti) • Homogeneous environment
Data- base 1 DBMS 3 Data- base 3 Distributed Processor 3 Site 3 DBMS 1 Distributed Processor 1 Communication Network Site 1 Distributed Processor 2 Data- base 2 DBMS 2 Site 2 Architecture
Distributed Processor Network Interface Distributed Query/Update Processor Distributed Transaction Manager Integrity/ Security Manager Distributed Metadata Management Local DBMS Interface
Data Distribution S I T E 1 E M P 1 D E P T 1 D # S S # N a m e S a l a r y D # D n a m e M G R 1 0 1 J o h n 2 0 1 0 C . S c i . J a n e 2 0 2 P a u l 3 0 2 0 3 J a m e s 4 0 3 0 E n g l i s h D a v i d 2 0 4 J i l l 5 0 4 0 F r e n c h P e t e r 1 0 6 0 5 M a r y 2 0 6 J a n e 7 0 S I T E 2 E M P 2 D E P T 2 S S # N a m e S a l a r y D # D n a m e D # M G R 9 M a t h e w 7 0 5 0 5 0 J o h n M a t h 7 D a v i d 8 0 3 0 P h y s i c s P a u l 2 0 8 P e t e r 9 0 4 0
Distributed Database Functions • Distributed Query Processing • Optimization techniques across the databases • Distributed Transaction Management • Techniques for distributed concurrency control and recovery • Distributed Metadata Management • Techniques for managing the distributed metadata • Distributed Security/Integrity Maintenance • Techniques for processing integrity constraints and enforcing access control rules across the databases
Discretionary Security • Architecture • Discretionary Security Mechanisms • Access Control • Security Policy Integration • Views for Security • Secure Distributed Database Functions
Secure Distributed Database System • A collection of secure database systems (SDBMS) connected via a secure network • The software that is responsible for interconnection is a Secure Distributed Database Management System (SDDBMS) • Each SDBMS executes local applications and should be involved in at least one global application (Ceri and Pelagetti) • Homogeneous environment
Multilevel Security • Aspects of MLS/DDBMS • Architectures • Data Model • Functions • Inference Control
SDQP SDTM SDP SDMM SDSM SDIM Modules if SDP (Secure Distributed Processor) DQP: Distributed Query Processor DTM: Distributed Transaction Mangier DMM: Distributed Metadata Manager DSML Distributed Security Manager DIM: Distributed Integrity Manager
Comments • Techniques for centralize data management have to be extended for a distributed environment • Access control enforced across databases • Inference control across databases • Web will continue to impact the development of secure distributed data managers • Network security is critical