215 Security Project Presentation
By
Yazmin Escoto Rodriguez
Christine Tannuwidjaja
Main Types of Security:
- Database Security and Authorization Subsystem: enforce security of portions of a database against unauthorized access
- Access Control: prevent unauthorized persons from accessing the system itself
- Statistical Database Security: control the access to statistical databases
- Data Encryption: protect sensitive data that is being transmitted via some type of communications
Database Security and Authorization Subsystem
Rules:
- Simple Property: subject s is allowed to read data item d if clear(s) ≥ class(d). The Simple Property protects information from unauthorized access.
- *-property: subject s is allowed to write data item d if clear(s) ≤ class(d). The *-property protects data from contamination or unauthorized modification.
Multilevel Security Databases - example
Set up:
Project Name | Topic | Location | TC
Black, TS | Databases, TS | Los Angeles, TS | TS
Silver, S | Supply Chain, S | New York, S | S
Polyinstantiation: the existence of multiple data objects with the same key
Multilevel Security Databases - example
Project Name | Topic | Location | TC
Gold, U | -, U | -, U | U
Indigo, U | Telecommunication, U | Austin, U | U
Subject z wants to replace the null values with certain data items: <Markov Chain, New Jersey>
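The two rules and the Gold update above, worked through as an added example (not part of the original slides). It assumes the ordering U < Co < S < TS, that subject z holds clearance S, and that the system resolves the update by polyinstantiation rather than by rejecting it; `view`, `update` and `demo` are hypothetical names.

```python
LEVELS = {"U": 0, "Co": 1, "S": 2, "TS": 3}   # assumed order: U < Co < S < TS

def can_read(clear, cls):
    """Simple property: read allowed if clear(s) >= class(d)."""
    return LEVELS[clear] >= LEVELS[cls]

def can_write(clear, cls):
    """*-property: write allowed if clear(s) <= class(d)."""
    return LEVELS[clear] <= LEVELS[cls]

# Rows from the slides: (name, c_name, topic, c_topic, location, c_loc, TC)
PROJECT = [
    ("Black", "TS", "Databases", "TS", "Los Angeles", "TS", "TS"),
    ("Silver", "S", "Supply Chain", "S", "New York", "S", "S"),
    ("Gold", "U", None, "U", None, "U", "U"),
    ("Indigo", "U", "Telecommunication", "U", "Austin", "U", "U"),
]

def view(relation, clear):
    """Tuples whose tuple class TC the subject is cleared to read."""
    return [t for t in relation if can_read(clear, t[6])]

def update(relation, clear, name, topic, location):
    """Write topic/location at the subject's own level (assumed policy)."""
    visible = [t for t in view(relation, clear) if t[0] == name]
    if not visible:
        raise KeyError(name)                   # subject cannot see this key
    base = max(visible, key=lambda t: LEVELS[t[6]])
    new = (name, base[1], topic, clear, location, clear, clear)
    if can_write(clear, base[6]):
        relation[relation.index(base)] = new   # same level: overwrite in place
    else:
        # No write-down: the lower tuple stays and a second tuple with the
        # same key is added at the subject's level (polyinstantiation).
        relation.append(new)
    return new

def demo():
    rel = list(PROJECT)
    # Assumption: subject z holds clearance S (the slides do not say).
    update(rel, "S", "Gold", "Markov Chain", "New Jersey")
    return ([t for t in view(rel, "U") if t[0] == "Gold"],
            [t for t in view(rel, "S") if t[0] == "Gold"])
```

After the update a U-cleared subject still sees Gold with null values, while an S-cleared subject sees both Gold tuples.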
Classification Constraints
To assign security classifications to concepts of schemas:
- ones that classify items
- ones that classify query results
System Object
MAJOR QUESTION:
Which way should the attributes and occurrences of O be assigned to proper security classifications?
RESULT:
Security object O → (classification) → multilevel security object Om
Diagram notation:
- [U..S], [Co..TS]: ranges of secrecy levels
- N: aggregation leading to TS (N..constant)
- X: inference leading to Co
- P: evaluation of predicate P
- Security dependency
[Figure: ER Diagram; attribute labels: SSN, Date, Function, Title, Name, Salary]
Object Classification Constraints
– Simple Constraints
• Let X be a set of attributes of security object O (X ⊆ {A1,…,An})
• Application to ER:
- SiC (Is Assigned to, {Function}, S)
- assigns property Function of relationship “Is Assigned to” to a classification of secret.
[Figure: ER Diagram – classifying properties of security objects; attribute labels: SSN, Date, Function, Title, Name, Salary]
Object Classification Constraints
– Content-based Constraints
• Let Ai be an attribute of security object O with domain Di, let P be a predicate defined on Ai and let X ⊆ {Ai,…,An}
• Application to ER:
- CbC (Employee, {SSN, Name}, Salary, ‘≥’, ‘100’, Co)
- represents the semantics that properties SSN and Name of employees with a salary ≥ 100 are treated as confidential information
[Figure: ER Diagram – classifying properties of security objects; attribute labels: SSN, Date, Function, Title, Name, Salary]
Object Classification Constraints
– Complex Constraints
• Let O, O’ be two security objects where the existence of an instance o of O depends on the existence of a corresponding occurrence o’ of O’, and the k values of the identifying property K’ of o’ are identical to k values of attributes of o (foreign key)
• Application to ER:
- CoC (Is Assigned to, {SSN}, Project, Subject, ‘=’, ‘Research’, S)
- individual assignment data (SSN) is regarded as secret information in the case the assignment refers to a project with Subject = ‘Research’
[Figure: ER Diagram – classifying properties of security objects; attribute labels: SSN, Date, Function, Title, Name, Salary; marker: P]
Object Classification Constraints
– Level-based Constraints
• Let level(Ai) be a function that returns the classification ci of the value of attribute Ai in object o(a1,c1,…,an,cn,tc) of a multilevel security object Om
• Application to ER:
- LbC (Project, {Client}, Subject)
- states that property Client of security object Project must always have the same classification as the property Subject of the Project
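The object classification constraints SiC, CbC and CoC from the slides, applied to single instances to produce the labelled object o(a1,c1,…,an,cn,tc); this is an added example, not part of the original presentation. It assumes a default level of U, the ordering U < Co < S < TS, that the highest applicable level wins, and that tc is the highest attribute label; the function names and sample rows are constructed.

```python
import operator

LEVELS = ["U", "Co", "S", "TS"]                 # assumed ascending secrecy
OPS = {"≥": operator.ge, "=": operator.eq}

def raise_to(labels, attrs, level):
    """Raise each attribute's label to `level` unless it is already higher."""
    for a in attrs:
        if LEVELS.index(level) > LEVELS.index(labels[a]):
            labels[a] = level

def sic(labels, row, parent, X, C):
    """Simple constraint: attributes X always carry classification C."""
    raise_to(labels, X, C)

def cbc(labels, row, parent, X, A, op, v, C):
    """Content-based: X gets C when predicate (A op v) holds on this row."""
    if OPS[op](row[A], v):
        raise_to(labels, X, C)

def coc(labels, row, parent, X, A, op, v, C):
    """Complex: X gets C when the predicate holds on the referenced object."""
    if OPS[op](parent[A], v):
        raise_to(labels, X, C)

# Constraints as given on the slides, keyed by security object.
CONSTRAINTS = {
    "Employee": [(cbc, {"SSN", "Name"}, "Salary", "≥", 100, "Co")],
    "Is Assigned to": [(sic, {"Function"}, "S"),
                       (coc, {"SSN"}, "Subject", "=", "Research", "S")],
}

def classify(obj, row, parent=None):
    """Return (per-attribute labels, tuple class tc) for one instance."""
    labels = {a: "U" for a in row}              # assumed default level
    for fn, *args in CONSTRAINTS.get(obj, []):
        fn(labels, row, parent, *args)
    return labels, max(labels.values(), key=LEVELS.index)
```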
[Figure: ER Diagram – classifying properties of security objects; attribute labels: SSN, Date, Function, Title, Name, Salary; marker: P]
Query Result Classification Constraints
– Association-based Constraints
• Application to ER:
- AbC (Employee, {Salary}, Co)
- the salary of an individual person is confidential
- the value of salaries without the information which employee gets what salary is unclassified
[Figure: ER Diagram – classifying query results; attribute labels: SSN, Date, Function, Title, Name, Salary]
Query Result Classification Constraints
– Aggregation Constraints
• Result in the classification C for the retrieval result of a query in the case count(O) > n, i.e. the number of instances of O referenced by a query accessing properties X exceeds the value n
Query Result Classification Constraints
– Aggregation Constraints (cont’d)
• Application to ER:
- AgC (Is Assigned to, {Title}, ‘3’, S)
- the information which employee is assigned to what projects is regarded as unclassified
- aggregating all assignments for a certain project and thereby inferring which team is responsible for what project is considered secret
[Figure: ER Diagram – classifying query results; attribute labels: SSN, Date, Function, Title, Name, Salary; marker: 3]
Query Result Classification Constraints
– Inference Constraints
• Application to ER:
- IfC (Employee, {Dep}, Project, {Subject}, Co)
- consider the situation where the information which employee is assigned to what projects is considered as confidential
- from having access to the department an employee works for and to the subject of a project, users may infer which department may be responsible for the project and thus may conclude which employees are involved
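The three query result constraints above (AbC, AgC, IfC) evaluated against a description of a query, as an added example that is not part of the original slides. The query descriptor (attributes read and instance count per object), the `IDENTIFYING` set and all function names are assumptions made for illustration; the ordering U < Co < S < TS is assumed as well.

```python
LEVELS = ["U", "Co", "S", "TS"]                  # assumed ascending secrecy
# Assumption: attributes that tie a value to one person.
IDENTIFYING = {"Employee": {"SSN", "Name"}}

def abc(q, O, X, C):
    """Association-based: X is C only when returned with an identifier."""
    attrs = q["attrs"].get(O, set())
    return C if X <= attrs and attrs & IDENTIFYING.get(O, set()) else "U"

def agc(q, O, X, n, C):
    """Aggregation: result is C when count(O) > n for a query accessing X."""
    hit = X <= q["attrs"].get(O, set()) and q["count"].get(O, 0) > n
    return C if hit else "U"

def ifc(q, O1, X1, O2, X2, C):
    """Inference: X1 of O1 combined with X2 of O2 yields C."""
    a = q["attrs"]
    return C if X1 <= a.get(O1, set()) and X2 <= a.get(O2, set()) else "U"

# The three constraints from the slides.
CONSTRAINTS = [
    (abc, "Employee", {"Salary"}, "Co"),
    (agc, "Is Assigned to", {"Title"}, 3, "S"),
    (ifc, "Employee", {"Dep"}, "Project", {"Subject"}, "Co"),
]

def classify_result(q):
    """Highest classification any constraint assigns to the query result."""
    return max((fn(q, *args) for fn, *args in CONSTRAINTS), key=LEVELS.index)

def release(q, clearance):
    """Simple property applied to the result: clear(s) >= class(result)."""
    return LEVELS.index(clearance) >= LEVELS.index(classify_result(q))

def query(attrs, count=None):
    """Constructed descriptor: attributes read and instances touched per object."""
    return {"attrs": attrs, "count": count or {}}
```

This check looks at one query at a time; enforcing AgC and IfC across several queries by the same subject additionally requires keeping that subject's query history.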
[Figure: ER Diagram – classifying query results; attribute labels: SSN, Date, Function, Title, Name, Salary; markers: 3, X]
QUESTION?