Matakuliah
Tahun
Versi
: M0184 / Pengolahan Data Distribusi
: 2005
:
Session - 20
INTEGRATY AND SECURITY
SECURITY
OBJECTIVES
Database Security issue
There are four main types of security
policies for control of access:
• Need to know
• Maximized sharing
• Open systems
• Closed systems
Types of Access Control
• Content independent
user is allowed/not allowed to access a
particular data object
• Content dependent
access to a data object depend on the content of
the DB
• Statistical control
user is permitted to perform statistical operations
• Context dependent
user’s access privileges depend on the context
Multilevel Security
•
•
•
•
Its assume that the OS has a multilevel security
to develop multilevel security policy. With
characteristic:
it is called every time a user request access to
an object
it support multilevel security policy
It is tamper-proof
It is sufficiently small that it can be thoroughly
tested and the code formally verified as correct
Security facilities in SQL
• View mechanism
• Authorization Rules
Security issues in distributed
database
•
•
•
•
Identification and authentication
Distribution and authorization rules
Encryption
Global view mechanism