This lecture explores the architecture and functions of distributed database systems, as well as the security issues involved in managing distributed data. Topics include discretionary security, multilevel security, and the impact of network security on data management.
Data and Applications Security
Developments and Directions
Dr. Bhavani Thuraisingham
The University of Texas at Dallas
Lecture #10: Security for Distributed Data Management
February 10, 2005

Outline
• Distributed Database Systems
  - Architecture, Data Distribution, Functions
• Security Issues
  - Discretionary Security, Multilevel Security
• Comments
• Assumption: Network is secure; focusing on securing the data

A Definition of a Distributed Database System
• A collection of database systems connected via a network
• The software that is responsible for interconnection is a Distributed Database Management System (DDBMS)
• Each DBMS executes local applications and should be involved in at least one global application (Ceri and Pelagatti)
• Homogeneous environment

Architecture
[Figure: Site 1, Site 2 and Site 3, each consisting of a Database, a DBMS and a Distributed Processor, connected through a Communication Network]

Distributed Processor
[Figure: components of the Distributed Processor]
• Network Interface
• Distributed Query/Update Processor
• Distributed Transaction Manager
• Integrity/Security Manager
• Distributed Metadata Management
• Local DBMS Interface

Data Distribution
[Figure: example relations distributed across two sites. Site 1 holds EMP1 (SS#, Name, Salary, D#) and DEPT1 (D#, Dname, MGR); Site 2 holds EMP2 (SS#, Name, Salary, D#) and DEPT2 (D#, Dname, MGR)]

Distributed Database Functions
• Distributed Query Processing
  - Optimization techniques across the databases
• Distributed Transaction Management
  - Techniques for distributed concurrency control and recovery
• Distributed Metadata Management
  - Techniques for managing the distributed metadata
• Distributed Security/Integrity Maintenance
  - Techniques for processing integrity constraints and enforcing access control rules across the databases

Discretionary Security
• Architecture
• Discretionary Security Mechanisms
• Access Control
• Security Policy Integration
• Views for Security
• Secure Distributed Database Functions

Secure Distributed Database System
• A collection of secure database systems (SDBMS) connected via a secure network
• The software that is responsible for interconnection is a Secure Distributed Database Management System (SDDBMS)
• Each SDBMS executes local applications and should be involved in at least one global application (Ceri and Pelagatti)
• Homogeneous environment

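The following is an added example, not part of the original lecture, showing discretionary access control and a security view being enforced across two sites that hold fragments of EMP. Two in-memory SQLite databases stand in for the local DBMSs; the users (`hr`, `clerk`), the `LOCAL_POLICY` table, the `emp_public` view and all row values are constructed assumptions.

```python
import sqlite3

# Constructed sample fragments of EMP (SS#, Name, Salary, D#), one per site.
FRAGMENTS = {
    "site1": [(1, "Alice", 20, 10), (2, "Bob", 30, 20)],
    "site2": [(9, "Carol", 70, 50)],
}
# Hypothetical local discretionary policies: user -> object readable at that site.
LOCAL_POLICY = {
    "site1": {"hr": "emp", "clerk": "emp_public"},
    "site2": {"hr": "emp"},  # clerk holds no grant at site 2
}

def make_site(rows):
    """A local DBMS: one EMP fragment plus a view that withholds Salary."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE emp (ss INTEGER, name TEXT, salary INTEGER, dno INTEGER)")
    db.executemany("INSERT INTO emp VALUES (?, ?, ?, ?)", rows)
    db.execute("CREATE VIEW emp_public AS SELECT ss, name, dno FROM emp")
    return db

def build_sites():
    return {site: make_site(rows) for site, rows in FRAGMENTS.items()}

def global_select(dbs, user, columns):
    """Run one global query; each site applies its own policy before answering.

    Returns (rows, denied_sites). A site contributes rows only if the user's
    grant there exposes every requested column.
    """
    rows, denied = [], []
    for site, db in dbs.items():
        obj = LOCAL_POLICY[site].get(user)
        visible = []
        if obj is not None:
            cur = db.execute(f"SELECT * FROM {obj} LIMIT 0")
            visible = [d[0] for d in cur.description]
        # Column names reach the SQL text only after this allow-list check.
        if not columns or not set(columns) <= set(visible):
            denied.append(site)
            continue
        rows += db.execute(f"SELECT {', '.join(columns)} FROM {obj} ORDER BY ss").fetchall()
    return rows, denied

if __name__ == "__main__":
    sites = build_sites()
    for user, cols in [("hr", ["name", "salary"]), ("clerk", ["name", "dno"]),
                       ("clerk", ["name", "salary"])]:
        print(user, cols, global_select(sites, user, cols))
```

The global result is the union of what each site is willing to release, so a user can receive a partial answer; the list of denying sites is returned so the caller can tell a partial result from a complete one.
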
Multilevel Security
• Aspects of MLS/DDBMS
• Architectures
• Data Model
• Functions
• Inference Control

Modules of SDP (Secure Distributed Processor)
[Figure: SDP with its modules SDQP, SDTM, SDMM, SDSM and SDIM]
• DQP: Distributed Query Processor
• DTM: Distributed Transaction Manager
• DMM: Distributed Metadata Manager
• DSM: Distributed Security Manager
• DIM: Distributed Integrity Manager

Comments
• Techniques for centralized data management have to be extended for a distributed environment
• Access control enforced across databases
• Inference control across databases
• Web will continue to impact the development of secure distributed data managers
• Network security is critical