عنوان
پدید آورنده
موضوع
رده
QA76.9.D314 T474 1992
QA76
.
9
.
D314
T474
1992
کتابخانه
محل استقرار
INTERNATIONAL STANDARD BOOK NUMBER
(Number (ISBN
0387977368
(Number (ISBN
3540977368
(Number (ISBN
9780387977362
(Number (ISBN
9783540977360
NATIONAL BIBLIOGRAPHY NUMBER
Number
b551060
TITLE AND STATEMENT OF RESPONSIBILITY
Title Proper
Research directions in database security
General Material Designation
[Book]
First Statement of Responsibility
Teresa F. Lunt ed.
.PUBLICATION, DISTRIBUTION, ETC
Name of Publisher, Distributor, etc.
New York ; Berlin ; Heidelberg ; London ; Paris ; Tokyo ; Hong Kong ; Barcelona ; Budapest Springer
Date of Publication, Distribution, etc.
1992
PHYSICAL DESCRIPTION
Specific Material Designation and Extent of Item
XIV, 265 Seiten Diagramme 24 cm
GENERAL NOTES
Text of Note
Literaturangaben
CONTENTS NOTE
Text of Note
1 Workshop Summary.- 1.1 Introduction.- 1.2 Labels.- 1.3 Aggregation.- 1.4 Discretionary Security.- 1.5 The Homework Problem.- 1.6 Classification Semantics.- 1.7 Assurance.- 1.7.1 Balanced Assurance.- 1.7.2 TCB Subsetting.- 1.7.3 Layered TCB.- 1.8 New Approaches.- 1.9 Classifying Metadata.- 1.10 Conclusions.- 1.11 References.- 2 SeaView.- 2.1 Introduction.- 2.2 Multilevel Security.- 2.3 Multilevel Relations.- 2.3.1 The Extended Relational Integrity Rules.- 2.3.2 Polyinstantiation.- 2.3.3 Constraints.- 2.4 Discretionary Security.- 2.5 Multilevel SQL.- 2.5.1 The Access Class Data Type.- 2.5.2 Dealing with Polyinstantiation.- 2.5.3 Creating Multilevel Relations.- 2.6 The SeaView Verification.- 2.7 The SeaView Design.- 2.8 Data Design Considerations.- 2.9 Conclusions.- 2.10 References.- 3 A1 Secure DBMS Architecture.- 3.1 Introduction.- 3.2 The A1 Secure DBMS Modes of Operation.- 3.3 The A1 Secure DBMS Security Policy Overview.- 3.4 A1 Secure DBMS Architecture.- 3.5 Why is ASD Needed.- 3.6 For Further Information.- 3.7 References.- 4 An Investigation of Secure Distributed DBMS Architectures.- 4.1 Introduction.- 4.1.1 Background.- 4.1.2 Requirements.- 4.2 Concept of Operation.- 4.2.1 Users.- 4.3 Security Policy Overview.- 4.3.1 Discretionary Access Control.- 4.3.2 Mandatory Access Control.- 4.4 Architecture Definition.- 4.4.1 Abstract Model.- 4.4.2 Architectural Parameters.- 4.4.3 Family of Architecture Generation.- 4.5 Discretionary Access Control Enforcement.- 4.6 Summary and Conclusions.- 4.7 References.- 5 LOCK Data Views.- 5.1 Introduction.- 5.1.1 Problem Statement.- 5.1.2 Security Policy Overview.- 5.2 LOCK Security Policy Overview.- 5.2.1 DBMS Policy Extension Needs.- 5.2.2 DBMS Policy Extensions.- 5.3 Pipelines.- 5.3.1 The Response Pipeline Design.- 5.3.2 LOCK Pipeline Organization.- 5.3.3 Response Pipeline Organization.- 5.3.4 Pipeline Implications.- 5.4 Conclusions.- 5.5 References.- 6 Sybase Secure SQL Server.- 6.1 Introduction.- 6.2 Terms and Definitions.- 6.3 Objectives.- 6.4 B2 Design Philosophy.- 6.4.1 Database Server On A Network.- 6.4.2 B2 Sybase Secure SQL Server.- 6.5 Flow of Control.- 6.5.1 Login.- 6.5.2 Parsing and Compilation.- 6.5.3 Description of Procedures.- 6.5.4 Execution of Procedures.- 6.6 Trusted Operations.- 6.6.1 SSO Trusted Interface.- 6.6.2 User - Trusted Interface.- 6.7 Auditing.- 6.8 Conclusions.- 7 An Evolution of Views.- 7.1 Introduction.- 7.2 References.- 8 Discussion: Pros and Cons of the Various Approaches.- 8.1 Introduction.- 8.2 Inference Problem.- 8.3 Aggregation Problem.- 8.3.1 Problem Instances.- 8.3.2 Two Approaches.- 8.4 Retrospective.- 8.5 References.- 9 The Homework Problem.- 10 Report on the Homework Problem.- 10.1 Introduction.- 10.2 The Example Database.- 10.3 Summary.- 11 Classifying and Downgrading: Is a Human Needed in the Loop.- 11.1 Introduction.- 11.1.1 Underlying Concepts.- 11.1.2 Classifying Outputs.- 11.1.3 Semantic Level Approach.- 11.1.4 Classifying and Downgrading.- 11.2 The Issue.- 11.3 The Answer.- 11.4 Structured Data.- 11.5 Security Semantics of an Application.- 11.6 Types of Security Semantics.- 11.7 Textual Data.- 11.8 Summary.- 11.9 References.- 12 Session Report: The Semantics of Data Classification.- 12.1 Introduction.- 12.2 References.- 13 Inference and Aggregation.- 13.1 Introduction.- 13.2 Database Inference.- 13.2.1 The Problem.- 13.2.2 A Solution Approach.- 13.3 The Inference Problem.- 13.4 Analysis of Logical Inference Problems.- 13.4.1 When Classifying a Rule is Worse than Useless.- 13.4.2 Sphere of Influence Analysis.- 13.4.3 Network of Constraints.- 13.4.4 Questions.- 13.5 General Discussion.- 13.6 References.- 14 Dynamic Classification and Automatic Sanitization.- 14.1 Introduction.- 14.2 Sanitization.- 14.3 Initial Overclassification.- 14.4 Initial Underclassification.- 14.5 Discovered Misclassification.- 14.6 Automatic Classification.- 14.7 References.- 15 Presentation and Discussion on Balanced Assurance.- 15.1 Introduction.- 15.2 References.- 16 Some Results from the Entity/Relationship Multilevel Secure DBMS Project.- 16.1 Project Goals and Assumptions.- 16.2 A Multilevel Entity/Relationship Model.- 16.2.1 Data Model Semantics.- 16.2.2 Multilevel Security Characteristics.- 16.3 Results of Research.- 16.3.1 The Underlying Abstraction.- 16.4 Conclusions.- 16.5 References.- 17 Designing a Trusted Application Using an Object-Oriented Data Model.- 17.1 Introduction.- 17.2 The Object-Oriented Data Model.- 17.3 The SMMS as an Object-Oriented Database.- 17.4 Conclusion and Future Directions.- 17.5 References.- 18 Foundations of Multilevel Databases.- 18.1 Introduction.- 18.2 Definitional Preliminaries.- 18.3 Model Theoretic Approach.- 18.3.1 Query Evaluation.- 18.3.2 Database Updates.- 18.4 Proof Theoretic Approach.- 18.4.1 Query Evaluation.- 18.4.2 Database Updates.- 18.5 Environments and Fixed Points.- 18.5.1 Environments.- 18.5.2 Mappings.- 18.5.3 Fixed Points.- 18.5.4 Least Environment.- 18.5.5 Declarative and Procedural Semantics.- 18.6 Environments and Inference.- 18.7 Handling Negative and Indefinite Information.- 18.7.1 Closed-World Assumption.- 18.7.2 Negation by Failure.- 18.8 Formal Semantics of Time.- 18.9 Other Related Topics.- 18.9.1 Theory of Relational Databases.- 18.9.2 Consistency and Completeness of Security Constraints.- 18.9.3 Assigning Security Levels to Data.- 18.10 Conclusion.- 18.11 References.- 19 An Application Perspective on DBMS Security Policies.- 19.1 Introduction.- 19.2 Problems with Automatic Polyinstantiation.- 19.2.1 Polyinstantiation and Entity Integrity.- 19.2.2 Polyinstantiation and Referential Integrity.- 19.2.3 Polyinstantiation verses Application Consistency.- 19.2.4 Problems with Simplistic Mandatory Policies.- 19.3 Problems with View-Based Controls and Constraints.- 19.4 Requirement for Transaction Authorizations.- 19.5 Summary.- 19.6 References.- 20 New Approaches to Database Security: Report on Discussion.- 20.1 Introduction.- 20.2 Report on Discussion.- 20.2.1 Open Problems in Computer Security.- 20.2.2 Old Problems for Operating Systems but New Problems for Database Systems.- 20.2.3 Database-Specific Problems.- 20.2.4 Challenge Posed by Advances in Database Technology.- 20.3 Conclusion.- 20.4 References.- 21 Metadata and View Classification.- 21.1 Introduction.- 21.2 Justification for Metadata Protection.- 21.3 Metadata Classification Approaches.- 21.3.1 Internal Schema.- 21.3.2 Conceptual Schema.- 21.3.3 External Schema.- 21.4 Metadata Protection Schemes.- 21.5 User Access to Metadata.- 21.6 Affect of User Session Level on Data Classification.- 22 Database Security Research at NCSC.- 22.1 Introduction.- 22.2 Sponsored Research Projects.- 22.3 The Future.- 22.4 Discussion Topics.- 23 Position Paper on DBMS Security.- 23.1 Introduction.- 23.2 Conclusions.
TOPICAL NAME USED AS SUBJECT
Datenbanksystem
Datensicherung
Kongress
LIBRARY OF CONGRESS CLASSIFICATION
Class number
QA76
.
9
.
D314
Book number
T474
1992
PERSONAL NAME - PRIMARY RESPONSIBILITY
Teresa F. Lunt ed.
PERSONAL NAME - ALTERNATIVE RESPONSIBILITY
Teresa F Lunt
ELECTRONIC LOCATION AND ACCESS
Electronic name
مطالعه متن کتاب [Book]
Y
