Dynamic fragmentation and query translation based security framework for distributed databases
Arunabha Sengupta
Abstract
The existing security models for distributed databases suffer from several drawbacks viz. tight coupling with the choice of database; lack of dynamism, granularity and flexibility; non scalability and vulnerability to intrusion attacks. There is a lack of an integrated flexible and interoperable security framework that can dynamically control access to table, row, column and field level data entity. The objective of this proposed framework is to address the issue of security in distributed query processing using the dynamic fragmentation and query translation methodologies based on a parameterized security model which could be tailored based on the business requirements to take care of relational level, record level, column level as well as the atomic data element level security and access requirements. This solution has been implemented and tested for DML operations on distributed relational databases and the execution results are found to be very promising in terms of restricting access to data elements with higher security clearance; blocking queries that return data at/below user’s level but its evaluation requires accessing columns/rows with higher security clearance; and blocking aggregate queries used for inferring classified information.
Keyword
Bell–LaPadula model, Database Security, Discretionary Access Control, Distributed Database Management System, Dynamic Fragmentation, Mandatory Access Control, Object Level Security, Operational Level Security, Role Based Access Control, Site Level Security, Subject Level Security.