Documente Academic
Documente Profesional
Documente Cultură
System data
OS data
User data
Application data
Database
Dat
Txt
Log
..
Records
Fields, Column
Attribute
Elements
Name
ADAMS
BENCHLY
CARTER
Address
212 Market St.
501 Union St.
411 Elm St.
Location
Columbus
Chicago
Columbus
code Reference
OH
43210
IL
60603
OH
43210
Name
ADAMS
ADAMS
BENCHLY
CARTER
CARTER
CARTER
CARTER
CARTER
First
Charles
Edward
Zeke
Marlene
Beth
Ben
Lisabeth
Mary
Address
212 Market St.
212 Market St.
501 Union St.
411 Elm St.
411 Elm St.
411 Elm St.
411 Elm St.
411 Elm St.
City
Columbus
Columbus
Chicago
Columbus
Columbus
Columbus
Columbus
Columbus
State
OH
OH
IL
OH
OH
OH
OH
OH
Zip
Airport
43210CMH
43210CMH
60603ORD
43210CMH
43210CMH
43210CMH
43210CMH
43210CMH
Shared access
Many users can use one common, centralized set of data
Minimal redundancy
Individual users do not have to maintain own data
Reduce db size
Data consistency
Change to a data value affects all users of the data value
Data integrity
data are protected against accidental or malicious changes
Controlled access
Authorized users are only allowed to access
Element integrity
Auditability
Access control
User authentication
Every user is identified
Availability
Users can access the database which they are
authorized
Repaired or upgraded?
Reliability
Dimensions
OS Protection Features
Backing up
Restore
Access control facilities
Two-Phase Update
Failure in the middle of modifying data
1. Intent
2. Commit
Writing of a commit flag to the database
Redundancy/Consistency
Additional information to detect inconsistencies
Few check bits
Shadow fields
Recovery features
Db reload from backup
Later changes are applied from the audit log
Concurrency/Consistency
Updating in Transactions
Locking(db, table, record, attribute)
Monitor
Responsible for structural integrity of the database
Data type , format, range
Filter
State Constraints
Transition Constraints
Conditions necessary before changes can be applied to
a database
Sensitivity/Access control
Important
Shouldn't public
DB ,Table ,Record ,Attribute
Access Decisions
Database administrator
Access policy
DBMS
Direct Attack
Tries to determine values of sensitive fields
Select from query
Indirect Attack
Release only statistics
Sum, avg
Controls
Suppression - sensitive data are not provided
Concealing not the exactly the actual value
Mechanisms
Random Sample check
Query Analysis
Sensitivity
Attribute
Deferent sensitivity levels
Security
Name
Department
Salary
Phone Performance
Rogers
Jenkins
Poling
Garland
Hilten
training
research
training
user services
user services
43,800
62,900
38,200
54,600
44,500
123
345
321
3456
765
A2
D4
B1
A4
B1
Davis
administration
51,400
345
A3
Granularity
Every element of a database have a distinct sensitivity
Every combination of elements have distinct sensitivity
Efficiency
Flexibility
Simplicity
Trustworthiness
Implementation Mechanisms
Partitioning
Encryption
Deferent keys
Integrity Lock
Limited access
Integrity
Implementation Mechanisms
Sensitivity Lock
Separate lock for record
Encrypted
Data item
Sensitivity
Additional space
Untrusted database manager
Reference monitor
Authenticates the user's identity.
Pass query to the database manager
Pass query Results
Database Manager
I/O access
Commutative Filters
Forms an interface between the user and DBMS
Reformats the query
Improve efficiency
Distributed Databases
Trusted front end controls access
Multiple databases
Complex implementation
View/window
Subset of data
Filtering original DB
Order
Categorize
Search
Patterns
Relations
Summerize
Automated
Confidentiality
Availability
Integrity
Combining databases
Structure
Data collector can alter data
Redundancy
Deferent primary keys