Tool Support for Enforcing Security Policies on Databases

نویسندگان

  • Jenny Abramov
  • Omer Anson
  • Arnon Sturm
  • Peretz Shoval
چکیده

Security in general and database protection from unauthorized access in particular, are crucial for organizations. It has long been accepted that security requirements should be considered from the early stages of the development. However, such requirements tend to be neglected or dealt-with only at the end of the development process. The Security Modeling Tool presented in this study aims at enforcing developers, in particular database designers, to deal with database authorization requirements from the early stages of development. This software demonstration shows how the Security Modeling Tool assists to define organizational security policies and use them during the application development to create a secured database schema.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)

One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...

متن کامل

Analyzing Security - Enhanced Linux Policy Speci cations

NSA's Security-Enhanced (SE) Linux enhances Linux by providing a speci cation language for security policies and a Flask-like architecture with a security server for enforcing policies de ned in the language. It is natural for users to expect to be able to analyze the properties of a policy from its speci cation in the policy language. But this language is very low level, making the high level ...

متن کامل

Access Control for Databases: Concepts and Systems

As organizations depend on, possibly distributed, information systems for operational, decisional and strategic activities, they are vulnerable to security breaches leading to data theft and unauthorized disclosures even as they gain productivity and efficiency advantages. Though several techniques, such as encryption and digital signatures, are available to protect data when transmitted across...

متن کامل

Modeling Security - Enhanced Linux Policy Speci cations for Analysis Myla Archer

Security-Enhanced (SE) Linux is a modiication of Linux initially released by NSA in January 2001 that provides a language for specifying Linux security policies and, as in the Flask architecture, a security server for enforcing policies deened in the language. To determine whether user requests to the operating system should be granted, the security server refers to an internal form of the poli...

متن کامل

Modeling Security - Enhanced Linux Policy Speci cations for Analysis

Security-Enhanced (SE) Linux is a modi cation of Linux initially released by NSA in January 2001 that provides a language for specifying Linux security policies and, as in the Flask architecture, a security server for enforcing policies de ned in the language. To determine whether user requests to the operating system should be granted, the security server refers to an internal form of the poli...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2011