This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each of which focuses on a key concept of secure databases and applications, this book deals with all aspects of technology, including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging applications. Front Cover......Page 1 Table of Contents......Page 8 Foreword......Page 22 Preface......Page 24 Acknowledgments......Page 30 About the Author......Page 34 1.1 Trends......Page 38 1.2 Supporting Technologies for Database and Applications Security......Page 40 1.3 Discretionary Security in Database Systems......Page 42 1.5 Multilevel Secure Relational Data Models and Systems......Page 43 1.6 Inference Problem......Page 44 1.7 Secure Distributed Database Systems......Page 45 1.8 Secure Object and Multimedia Data Systems......Page 46 1.9 Data Warehousing, Data Mining, Security, and Privacy......Page 47 1.10 Secure Web Information Management Technologies......Page 48 1.11 Emerging Secure Information Management Technologies......Page 49 1.12 Organization of This Book......Page 50 1.13 Next Steps......Page 54 PART I: SUPPORTING TECHNOLOGIES FOR DATABASE AND APPLICATIONS SECURITY......Page 58 2.1 Overview......Page 60 2.2 Relational and Entity-Relationship Data Models......Page 61 2.3 Architectural Issues......Page 63 2.4 Database Design......Page 65 2.5 Database Administration......Page 66 2.6 Database Management System Functions......Page 67 2.7 Distributed Databases......Page 75 2.8 Heterogeneous Database Integration......Page 76 2.9 Federated Databases......Page 77 2.10 Client/Server Databases......Page 80 2.11 Migrating Legacy Databases and Applications......Page 81 2.12 Data Warehousing......Page 82 2.13 Data Mining......Page 84 2.14 Impact of the Web......Page 85 2.15 Object Technology......Page 86 2.16 Other Database Systems......Page 92 2.17 Summary and Directions......Page 93 References......Page 94 Exercises......Page 96 3.1 Overview......Page 98 3.2 Access Control and Other Security Concepts......Page 99 3.3 Secure Systems......Page 100 3.4 Secure Operating Systems......Page 101 3.5 Secure Database Systems......Page 102 3.6 Secure Networks......Page 104 3.7 Emerging Trends......Page 105 3.8 Impact of the Web......Page 106 3.9 Steps to Building Secure Systems......Page 107 3.10 Summary and Directions......Page 108 References......Page 110 Exercises......Page 112 4.1 Overview......Page 114 4.2 Information Retrieval Systems......Page 115 4.3 Multimedia Data and Information Management......Page 119 4.4 Digital Libraries......Page 121 4.5 Knowledge Management......Page 128 4.6 Collaboration and Data Management......Page 130 4.7 E-Commerce Technologies......Page 132 4.8 Semantic Web Technologies......Page 133 4.9 Wireless and Sensor Information Management......Page 135 4.10 Real-Time Processing and Quality-of-Service Aspects......Page 137 4.11 High-Performance Computing Technologies......Page 138 4.12 Some Other Information Management Technologies......Page 139 4.13 Summary and Directions......Page 144 References......Page 145 Exercises......Page 147 Conclusion to Part I......Page 148 PART II: DISCRETIONARY SECURITY FOR DATABASE SYSTEMS......Page 150 5.1 Overview......Page 152 5.2 Access-Control Policies......Page 153 5.3 Administration Policies......Page 159 5.4 Identification and Authentication......Page 160 5.7 Summary and Directions......Page 161 Exercises......Page 163 6.1 Overview......Page 164 6.2 SQL Extensions for Security......Page 165 6.3 Query Modification......Page 166 6.4 Discretionary Security and Database Functions......Page 168 6.5 Visualization of Policies......Page 170 6.6 Prototypes and Products......Page 171 6.7 Summary and Directions......Page 172 Exercises......Page 173 Conclusion to Part II......Page 174 PART III: MANDATORY SECURITY FOR DATABASE SYSTEMS......Page 176 7.1 Overview......Page 178 7.2 Early Efforts......Page 180 7.3 Air Force Summer Study......Page 181 7.4 Major Research and Development Efforts......Page 182 7.6 Types of Multilevel Secure Database Systems......Page 184 7.8 Emerging Technologies......Page 189 7.9 Summary and Directions......Page 190 References......Page 191 Exercises......Page 194 8.2 Mandatory Access Control......Page 196 8.3 Security Architectures......Page 199 References......Page 206 Exercises......Page 207 Conclusion to Part III......Page 208 PART IV: MULTILEVEL SECURE RELATIONAL DATABASE SYSTEMS......Page 210 9.1 Overview......Page 212 9.2 Granularity of Classification......Page 213 9.3 Polyinstantiation......Page 218 9.4 Toward Developing a Standard Multilevel Relational Data Model......Page 220 References......Page 222 Exercises......Page 223 10.1 Overview......Page 224 10.2 Query Processing......Page 225 10.3 Transaction Processing......Page 226 10.4 Storage Management......Page 228 10.5 Metadata Management......Page 229 10.6 Other Functions......Page 230 References......Page 232 Exercises......Page 233 11.1 Overview......Page 234 11.2 Prototypes......Page 235 11.3 Products......Page 240 11.4 Summary and Directions......Page 246 References......Page 247 Exercises......Page 248 Conclusion to Part IV......Page 250 PART V: THE INFERENCE PROBLEM......Page 252 12.1 Overview......Page 254 12.2 Statistical Database Inference......Page 256 12.3 Discussion of Approaches for Handling Inference in a MLS/DBMS......Page 258 12.4 Complexity of the Inference Problem......Page 261 12.5 Summary and Directions......Page 262 References......Page 263 Exercises......Page 265 13.1 Overview......Page 266 13.2 Background......Page 267 13.3 Security Constraints......Page 269 13.4 Approach to Security Constraint Processing......Page 273 13.5 Consistency and Completeness of the Constraints......Page 276 13.6 Design of the Query Processor......Page 278 13.7 Design of the Update Processor......Page 281 13.8 Handling Security Constraints During Database Design......Page 284 13.10 Summary and Directions......Page 286 References......Page 287 Exercises......Page 288 14.1 Overview......Page 290 14.2 Semantic Nets and the Inference Problem......Page 292 References......Page 312 Exercises......Page 313 Conclusion to Part V......Page 314 PART VI: SECURE DISTRIBUTED AND HETEROGENEOUS DATABASE SYSTEMS......Page 316 15.1 Overview......Page 318 15.2 Discretionary Security......Page 319 15.3 Security Impact on Distributed Database Functions......Page 327 15.4 Security for Emerging Distributed System Technologies......Page 328 15.5 Summary and Directions......Page 330 Exercises......Page 331 16.1 Overview......Page 332 16.2 Background......Page 333 16.3 Architectures......Page 335 16.4 Data Modeling......Page 337 16.5 Functions......Page 338 16.6 Inference Problem for a MLS/DDBMS......Page 341 16.7 Summary and Directions......Page 342 References......Page 343 Exercises......Page 344 17.1 Overview......Page 346 17.2 Background......Page 347 17.3 Architectures......Page 348 17.4 Schema Integration......Page 350 17.5 Policy Integration......Page 352 17.6 Functions......Page 354 17.7 Inference Problem......Page 357 17.8 Secure Client/Server Database Management......Page 358 17.10 Summary and Directions......Page 360 References......Page 361 Exercises......Page 362 Conclusion to Part VI......Page 364 PART VII: SECURE OBJECT AND MULTIMEDIA SYSTEMS......Page 366 18.1 Overview......Page 368 18.2 Discretionary Security......Page 369 18.3 Multilevel Security......Page 376 18.4 Summary and Directions......Page 383 References......Page 384 Exercises......Page 385 19.1 Overview......Page 386 19.2 Security for Object Request Brokers......Page 387 19.3 Object Modeling for Secure Applications......Page 391 19.4 Summary and Directions......Page 395 References......Page 396 Exercises......Page 397 20.1 Overview......Page 398 20.2 Security for Multimedia Data Management Systems......Page 399 20.3 Secure Geospatial Information Systems......Page 409 20.4 Summary and Directions......Page 411 Exercises......Page 412 Conclusion to Part VII......Page 414 PART VIII: DATA WAREHOUSING, DATA MINING, SECURITY, AND PRIVACY......Page 416 21.1 Overview......Page 418 21.2 Background......Page 419 21.3 Secure Information Technologies for Data Warehousing......Page 420 21.4 Designing a Secure Data Warehouse......Page 425 21.5 Data Quality and Data Warehousing......Page 429 21.7 Secure Data Warehousing, Data Mining, and Decision Support......Page 430 21.8 Summary and Directions......Page 432 References......Page 433 Exercises......Page 434 22.1 Overview......Page 436 22.2 Data Mining for National Security......Page 437 22.3 Data Mining for Cyber-Security......Page 447 22.4 Summary and Directions......Page 452 References......Page 453 Exercises......Page 454 23.1 Overview......Page 456 23.2 Privacy Considerations......Page 457 23.3 Data Warehousing, Data Mining, Security, and Privacy......Page 459 23.4 Inference Problem and Privacy......Page 461 23.5 Privacy-Enhanced/Sensitive/Preserving Data Mining......Page 462 23.6 Confidentiality and Privacy......Page 465 23.7 Civil Liberties and National Security......Page 466 23.8 Federated Data Management, Data Sharing, and Privacy......Page 467 23.9 Summary and Directions......Page 469 References......Page 470 Exercises......Page 472 Conclusion to Part VIII......Page 474 PART IX: SECURE WEB DATA AND INFORMATION MANAGEMENT TECHNOLOGIES......Page 476 24.1 Overview......Page 478 24.2 Threats to Web Security......Page 479 24.3 Web Security Solutions......Page 483 24.4 Secure Digital Libraries......Page 492 24.5 Summary and Directions......Page 499 References......Page 500 Exercises......Page 501 25.1 Overview......Page 502 25.2 Security for the Semantic Web......Page 503 25.3 Access Control and Dissemination of XML Documents......Page 509 25.4 Privacy and the Semantic Web......Page 511 25.5 Secure Web Services......Page 514 25.6 Secure Agents and Related Technologies......Page 515 25.7 Secure Grid and Secure Semantic Grid......Page 517 25.8 Security Impact on the Database as a Service Model......Page 518 25.9 Summary and Directions......Page 520 References......Page 521 Exercises......Page 523 26.1 Overview......Page 524 26.2 Secure E-Commerce......Page 525 26.3 Secure Workflow and Collaboration......Page 527 26.4 Secure Knowledge Management......Page 529 26.5 Secure Peer-to-Peer Data Management......Page 531 26.6 Secure Dynamic Coalitions and Virtual Organizations......Page 532 26.7 Trust and Rights Management......Page 533 26.8 Security Informatics......Page 535 26.9 Summary and Directions......Page 536 Exercises......Page 537 Conclusion to Part IX......Page 538 PART X: EMERGING SECURE DATA MANAGEMENT TECHNOLOGIES AND APPLICATIONS......Page 540 27.1 Overview......Page 542 27.2 Dependable Systems......Page 543 27.3 Dependable Infrastructure and Data Management......Page 544 27.4 Data Quality......Page 552 27.5 Critical Infrastructure Protection......Page 556 27.6 Summary and Directions......Page 557 References......Page 558 Exercises......Page 559 28.1 Overview......Page 560 28.2 Security for Sensor Databases......Page 563 28.3 Secure Sensor Data Management Issues Unique to Sensor Networks......Page 577 28.4 Secure Wireless and Mobile Data Management......Page 580 28.5 A Note on Secure Telecommunications Information Management......Page 581 28.6 Security for Moving Databases......Page 582 28.7 Summary and Directions......Page 583 Exercises......Page 584 29.1 Overview......Page 586 29.2 Digital Identity......Page 587 29.4 Biometrics......Page 589 29.5 Digital Forensics......Page 591 29.6 Steganography and Digital Watermarking......Page 593 29.7 Risk and Economic Analysis......Page 594 29.8 Other Secure Systems and Applications......Page 595 29.9 The Role of Database and Applications Security for Homeland Security......Page 597 References......Page 598 Exercises......Page 599 Conclusion to Part X......Page 600 30.2 Summary of This Book......Page 602 30.3 Directions for Database and Applications Security......Page 609 30.4 Where Do We Go from Here?......Page 612 A.1 Overview......Page 614 A.2 Developments in Database Systems......Page 615 A.3 Status, Vision, and Issues......Page 620 A.4 Data Management Systems Framework......Page 621 A.5 Building Information Systems from the Framework......Page 624 A.6 Relationship between the Texts......Page 627 A.7 Summary......Page 628 References......Page 629 Information and Database Security......Page 630 Intelligent and Deductive Database Systems......Page 631 Sensor Networks and Sensor Information Management......Page 632 A......Page 636 C......Page 637 D......Page 638 F......Page 642 I......Page 643 M......Page 646 O......Page 648 P......Page 649 Q......Page 650 S......Page 651 T......Page 654 W......Page 655 Y......Page 656 Database and Applications Security: Integrating Information Security and Data Management reviews recent developments in security, with a special emphasis on the protection of databases. The author pays particular attention to securing emerging applications such as E-commerce, sensor information processing, and knowledge management.The book begins by providing essential background in database security, followed by descriptions of discretionary access control, multilevel secure databases, and models, functions, prototypes, and products of multilevel secure relational systems. It then discusses facets of the inference problem and addresses secure distributed databases. Following an analysis of secure object systems, the book focuses on security aspects of data warehousing and data mining. It also covers threats to privacy due to data mining and concludes with an exploration of emerging technologies.This volume delivers a comprehensive overview of database and applications security for technical managers, technologists, and executives, as well as for those intending to pursue research in the field. It provides a high-level overview while discussing many technical details. This is the first book to provide an in-depth coverage of all the developments, issues and challenges in secure databases and applications. It provides directions for data and application security, including securing emerging applications such as bioinformatics, stream information processing and peer-to-peer computing. Divided into eight sections, each section focuses on some key concept of secure databases and applications, Database and Applications Security provides a comprehensive overview and focuses on all aspects of the technology including secure relational databases, inference problems, secure object databases, secure distributed databases and emerging applications "Database and Applications Security: Integrating Information Security and Data Management reviews recent developments in security, with a special emphasis on the protection of databases. The author pays particular attention to securing emerging applications such as E-commerce, sensor information processing, and knowledge management." "This volume delivers a comprehensive overview of database and applications security for technical managers, technologists, and executives, as well as for those intending to pursue research in the field. It provides a high-level overview while discussing many technical details."--Jacket