Handbook of Database Security (eBook)
XIV, 577 pages
Springer US (publisher)
978-0-387-48533-1 (ISBN)
Handbook of Database Security: Applications and Trends provides an up-to-date overview of data security models, techniques, and architectures in a variety of data management applications and settings. In addition to providing an overview of data security in different application settings, this book includes an outline for future research directions within the field. The book is designed for industry practitioners and researchers, and is also suitable for advanced-level students in computer science.
Motivation for the book
Database security has been gaining a great deal of importance as industry, military, and government organizations have increasingly adopted Internet-based technologies on a large-scale, because of convenience, ease of use, and the ability to take advantage of rapid advances in the commercial market. Along with the traditional security aspects of data integrity and availability, there is an increasing interest in research and development in data privacy. This is because today's often mission-critical databases no longer contain only data used for day-to-day processing by organization; as new applications are being added, it is possible for organizations to collect and store vast amounts of data quickly and efficiently and to make the data readily accessible to the public, typically through Web-based applications. Unfortunately, if security threats related to the integrity, availability, and privacy of the data are not properly resolved, databases remain vulnerable to malicious attacks and accidental misuse. Such incidents, in turn, may translate into financial losses or losses whose values are obviously high but difficult to quantify, e.g., the loss of the public's trust in the data management infrastructure and services offered by an organization. In assembling this handbook, we have had a twofold objective: first, to provide a comprehensive summary of the results of research and development activities in various aspects of database security up to this point, and second, to point toward directions for future work in this important and fruitful field of research.
Contents 8
List of Contributors 10
1 Recent Advances in Access Control 14
1 Introduction 14
2 Classical Access Control Models 16
3 Credential-Based Access Control 22
4 Policy Composition 26
5 Access Control Through Encryption 30
6 Conclusions 35
Acknowledgements 35
References 36
2 Access Control Models for XML 40
1 Introduction 40
2 Preliminary Concepts 41
3 XML Access Control Requirements 46
4 XML Access Control Models 50
5 Conclusions 63
References 64
3 Access Control Policy Languages in XML 67
1 Introduction 67
2 Policy Specification Languages 68
3 Example XML Document and Associated Policy 68
4 XML Access Control Policy Languages 70
5 Policy Modeling and Generation 78
6 Conclusions 81
References 82
4 Database Issues in Trust Management and Trust Negotiation 84
1 Introduction to Trust Management 84
2 What is Trust Management? 86
3 History 91
4 Evaluation Problems and Strategies 100
5 Automated Trust Negotiation 110
6 Open Issues and Trends 118
References 120
5 Authenticated Index Structures for Outsourced Databases 125
1 Introduction 125
2 Cryptographic Background 126
3 Authenticated Index Structures for Selection Queries 129
4 Authentication Index Structures in Dynamic Settings 140
5 Query Freshness 143
6 Extensions 143
7 Conclusion 144
References 145
6 Towards Secure Data Outsourcing 147
1 Introduction 148
2 Designing Secure Data Outsourcing Mechanisms 150
3 Related Work 162
4 Acknowledgments 164
References 164
7 Managing and Querying Encrypted Data 172
1 Introduction 172
2 DAS - Storing & Querying Encrypted Data
3 Trust, Encryption, Key-management, Integrity & Data Confidentiality
4 Summary & Related Work
5 Acknowledgements 197
References 197
8 Security in Data Warehouses and OLAP Systems 200
1 Introduction 200
2 Background 202
3 Security Requirements 206
4 A Three-Tier Security Architecture 208
5 Securing OLAP Data Cubes 210
6 Conclusion 219
References 219
9 Security for Workflow Systems 222
1 Introduction 222
2 Security Requirements in Workflow Systems 224
3 Workflow Authorization Model 225
4 Separation of Duty 226
5 Delegation of Authority 232
6 Conflict-of-Interest 234
7 Workflow Safety Analysis 236
8 Open Issues 236
References 238
10 Secure Semantic Web Services 240
1 Introduction 240
2 Web Services Security 241
3 Security and the Semantic Web 245
4 Integrating Security, Semantic Web and Web Services Technologies 251
5 Summary and Directions 252
References 253
11 Geospatial Database Security 255
1 Introduction 255
2 Geospatial Data Models 257
3 Geospatial Access Control Models 259
4 Conclusion and Future Directions 272
References 273
12 Security Re-engineering for Databases: Concepts and Techniques 275
1 Introduction 275
2 Insider Misuse and Anomaly Detection 278
3 Data and User Profiling 280
4 Access Path Model 289
5 Security Reconfiguration 295
6 Related Work 298
7 Conclusions and Future Directions 299
References 300
13 Database Watermarking for Copyright Protection 305
1 Introduction 305
2 Model 306
3 Numeric Types 315
4 Categorical Types 325
5 Related Work 331
6 State of The Art and the Future 333
7 Conclusions 334
8 Acknowledgments 334
References 334
14 Database Watermarking: A Systematic View 337
1 Introduction 337
2 Data Type 339
3 Distortion 341
4 Sensitivity 345
5 Watermark Information 349
6 Verifiability 355
7 Data Structure 358
8 Open Issues 362
References 362
15 Trustworthy Records Retention 364
1 Introduction 364
2 Problem Definition 365
3 Usage Scenario and Threat Model 367
4 Storage Architectures 369
5 Resistance to Physical Attack 373
6 Trustworthy Indexing 375
7 Trustworthy Migration 380
8 Trustworthy Deletion 382
9 Open Problems 385
Acknowledgements 385
References 386
16 Damage Quarantine and Recovery in Data Processing Systems 389
1 Introduction 389
2 Overview of the DQR Problem 390
3 Traditional Failure Recovery Techniques and Their Limitations 394
4 Solving the DQR Problem 397
5 Remaining Research Issues and Concluding Remarks 408
Acknowledgement 409
References 410
17 Hippocratic Databases: Current Capabilities and Future Trends 414
1 Introduction 414
2 Founding Principles of a Hippocratic Database 415
3 Hippocratic Database Technologies 416
4 Future Work 428
5 Conclusion 432
References 432
18 Privacy-Preserving Data Mining: A Survey 435
1 Introduction 435
2 The Randomization Method 437
3 The k-Anonymity Framework 443
4 Distributed Privacy-Preserving Data Mining 449
5 Privacy-Preservation of Application Results 453
6 Limitations of Privacy: The Curse of Dimensionality 457
7 Summary 459
References 459
19 Privacy in Database Publishing: A Bayesian Perspective 465
1 Introduction 465
2 GBP: A Generic Bayesian Privacy Model 466
3 View-Based Publishing 474
4 Generalization-Based Publishing 478
5 View-Based Versus Generalization-Based Publishing 487
6 Privacy in Open-World Integration 488
7 Conclusions 489
References 489
20 Privacy Preserving Publication: Anonymization Frameworks and Principles 492
1 Introduction 492
2 k-anonymous Generalization 494
3 l-diverse Generalization 497
4 Anatomy 499
5 Summary 509
References 510
21 Privacy Protection through Anonymity in Location-based Services 512
1 Introduction 512
2 Privacy threats with LBS 513
3 Privacy protection through anonymity 518
4 Techniques to enforce anonymity 521
5 Experimental results 527
6 Conclusion 531
References 532
22 Privacy-enhanced Location-based Access Control 534
1 Introduction 534
2 Location-based Access Control Systems 535
3 Location Privacy 539
4 Obfuscation Techniques for Location Privacy Protection 544
5 Integrating Obfuscation Techniques with LBAC Systems 549
6 Conclusions 552
Acknowledgments 552
References 553
23 Efficiently Enforcing the Security and Privacy Policies in a Mobile Environment 556
1 Introduction 556
2 System Architecture for a Mobile Application Environment 559
3 Authorization Model in a Mobile Environment 561
4 Unified Index for Authorizations and Profiles 562
5 Unified Index for Authorizations and Moving Objects 564
6 Unified Index for Authorizations, Moving Objects and Profiles 570
7 Open Issues 575
References 575
Publication date (per publisher) | 3.12.2007 |
---|---|
Additional info | XIV, 577 p. 60 illus. |
Place of publication | New York |
Language | English |
Subject area | Mathematics / Computer Science ► Computer Science ► Databases |
Computer Science ► Networks ► Security / Firewall | |
Computer Science ► Theory / Studies ► Cryptology | |
Natural Sciences | |
Keywords | Applications • Architecture • commercial • Database • Database Management • Database Security • Data Security • Data Warehouse • Data protection • Extensible Markup Language (XML) • LA • OLAP • Open-Source • security • SQL Standards & Security • Trends |
ISBN-10 | 0-387-48533-3 / 0387485333 |
ISBN-13 | 978-0-387-48533-1 / 9780387485331 |
Size: 7.3 MB
DRM: Digital watermark
This eBook contains a digital watermark and is thereby personalized for you. If the eBook is improperly passed on to third parties, it can be traced back to the source.
File format: PDF (Portable Document Format)
With its fixed page layout, PDF is particularly suitable for technical books with columns, tables, and figures. A PDF can be displayed on almost all devices, but is only of limited suitability for small displays (smartphone, eReader).
System requirements:
PC/Mac: You can read this eBook on a PC or Mac. You need a PDF viewer for this, e.g. Adobe Reader or Adobe Digital Editions.
eReader: This eBook can be read with (almost) all eBook readers. However, it is not compatible with the Amazon Kindle.
Smartphone/Tablet: Whether Apple or Android, you can read this eBook. You need a PDF viewer for this, e.g. the free Adobe Digital Editions app.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.