creates the object in the relational database is the owner of this object and can grant access to other users on this object. This has the disadvantage that the enterprise cannot manage and enforce its security requirements without involving every user who creates objects in the relational database.
• Cascading authorization: For example, consider three users: U1, U2, and U3. User U2 holds a privilege on object O granted by U1 and grants this privilege to U3. Later, U1 grants U3 the same privilege on object O, but U2 revokes its grant from U3 for some reason. The effect of these operations is that U3 still holds the privilege (from U1) to access object O, even though U2 revoked it.
• Trojan horse attacks: A Trojan horse can be used to grant a privilege that a user holds on an object to another user without that user knowing anything about it.
• Update problems: In DAC, view-based protection relies on views, which are logical queries that store no physical data in the relational database. The disadvantage of view-based protection is that not all views are updatable, so some data cannot be updated through them.
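The cascading-authorization case above, as an added example that is not part of the original text: a small Python model of a DAC grant graph with SQL-style cascading revocation. U1, U2, U3 and O are the names from the text; the pseudo-grantor "SYSTEM" (root of every grant chain) and the privilege name "SELECT" are assumptions.

```python
from collections import namedtuple

# One edge in the authorization graph: grantor gave grantee priv on obj.
Grant = namedtuple("Grant", "grantor grantee obj priv")
SYSTEM = "SYSTEM"  # assumed root of every chain: stands for object creation


class GrantGraph:
    def __init__(self):
        self.grants = set()

    def create_object(self, owner, obj, priv="SELECT"):
        # Owner-centric DAC: the creator holds the privilege and may pass it on.
        self.grants.add(Grant(SYSTEM, owner, obj, priv))

    def holders(self, obj, priv):
        # Users holding priv on obj through a chain that starts at the owner.
        held = {SYSTEM}
        while True:
            new = {g.grantee for g in self.grants
                   if g.obj == obj and g.priv == priv and g.grantor in held}
            if new <= held:
                return held - {SYSTEM}
            held |= new

    def has_privilege(self, user, obj, priv="SELECT"):
        return user in self.holders(obj, priv)

    def grant(self, grantor, grantee, obj, priv="SELECT"):
        if not self.has_privilege(grantor, obj, priv):
            raise PermissionError(f"{grantor} cannot grant {priv} on {obj}")
        self.grants.add(Grant(grantor, grantee, obj, priv))

    def revoke(self, grantor, grantee, obj, priv="SELECT"):
        # Drop the edge, then cascade: grants no longer rooted at the owner die.
        self.grants.discard(Grant(grantor, grantee, obj, priv))
        held = self.holders(obj, priv) | {SYSTEM}
        self.grants = {g for g in self.grants
                       if not (g.obj == obj and g.priv == priv
                               and g.grantor not in held)}


def cascading_scenario(u1_grants_directly):
    """Return whether U3 still holds SELECT on O after U2 revokes its grant."""
    g = GrantGraph()
    g.create_object("U1", "O")
    g.grant("U1", "U2", "O")          # U1 -> U2
    g.grant("U2", "U3", "O")          # U2 -> U3
    if u1_grants_directly:
        g.grant("U1", "U3", "O")      # U1 -> U3: an independent path
    g.revoke("U2", "U3", "O")         # U2 revokes; U1's own grant is untouched
    return g.has_privilege("U3", "O")
```

`cascading_scenario(True)` reproduces the text's outcome (U3 keeps access through U1), while `cascading_scenario(False)` shows that without U1's direct grant the revocation does remove U3's access.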
1.3.2 Mandatory Access Control
While DAC is concerned with ensuring the privilege to access data in the relational database, mandatory access control (MAC) additionally controls the flow of data in the relational database system. MAC depends on the security level associated with each object in the relational database and with each user. The security level of an object is called its security classification, while the security level of a user is called its security clearance. MAC is also referred to as multilevel security (MLS), because each user and each object is assigned one of multiple security levels.
MLS cannot be fully understood without understanding its origins [12]. The U.S. military has historically maintained an isolated database that contains its sensitive information. The sensitive data are classified into different security levels and must be processed on dedicated systems that do not provide access to users