Secure DBMS design presents about Secure mechanisms (Requirements, Basic Principles), The system R authorization model (The system R authorization model, Implement model), Secure DBMS architectures, Commercial products | Week 7 Outline Secure mechanisms The system R authorization model Secure DBMS architectures Commercial products Outline Secure mechanisms The system R authorization model Secure DBMS architectures Commercial products Requirements Different types of access modes. Dynamic authorization Inference control Polyinstantiation Auditing No Backdoors Reasonable performance Basic Principles Well-formed transactions Continuity of operation Separation of duties Delegation of authority Authenticated users Ease of safe use Outline Secure mechanisms The system R authorization model Secure DBMS architectures Commercial products The system R authorization model System R was defined by Griffiths and Wade(1976), revised by Fagin (1978). Developed at the IBM Research Laboratory. Access modes: Read Insert Delete Update Drop The system R authorization model Grant Ex: The system R authorization model Revoke The system R authorization model . | Week 7 Outline Secure mechanisms The system R authorization model Secure DBMS architectures Commercial products Outline Secure mechanisms The system R authorization model Secure DBMS architectures Commercial products Requirements Different types of access modes. Dynamic authorization Inference control Polyinstantiation Auditing No Backdoors Reasonable performance Basic Principles Well-formed transactions Continuity of operation Separation of duties Delegation of authority Authenticated users Ease of safe use Outline Secure mechanisms The system R authorization model Secure DBMS architectures Commercial products The system R authorization model System R was defined by Griffiths and Wade(1976), revised by Fagin (1978). Developed at the IBM Research Laboratory. Access modes: Read Insert Delete Update Drop The system R authorization model Grant Ex: The system R authorization model Revoke The system R authorization model Example: Cascade The system R authorization model Revocation With admin option SYSAUTH table The system R authorization model List of X’s remaining incoming grants: List of X’s grants to others: DELETE READ & INSERT Result: Giai thuat revoke tren ts: -Tim quyền user khác cấp cho X (A&C) -Tìm min ts của những quyền dc cấp đó (VD: đặt ts này là a) -Tìm quyền X cấp cho user khác (Y) (VD: đặt ts này là b) -So sánh a&b -> a>b: loại bỏ quyền -> a The system R authorization model View View owner entitled to drop view but may not exercise all privileges The owner of a view has the same rights as on the base tables The owner of a view (with the grant option) can grant others access rights on the view. Access rights on base tables, given to the owner of a view after the creation of the view are not added to the view. Access rights on base tables, revoked from the owner of a view, are also removed from the view. Implement model SYSAUTH & SYSCOLAUTH SYSAUTH: Userid .
