面向对象数据库的安全模型及其应用

近年来,数据库安全模型一直是数据库方面研究的热点。由于关系数据模型是建立在良好的数学模型的基础上,因而成熟的关系数据安全模型已经被提出。而面向对象数据模型本身尚未找到坚实的数学基础,针对面向对象数据库的安全模型研究不多,文章在这方面做了一些尝试,它提出了一种基于视图的面向对象数据库的信息过滤模型。该模型以多级数据模型为基础,综合了视图模型和信息过滤模型的优点;然后给出该模型的评价及其应用。     

面向对象数据库的安全性建模

文章提出了面向对象数据库中对安全性进行建模的一种方法.该方法以多级数据模型为基础,定义了若干种安全性约束,同时引入了一种图示方法,能够对应用安全性模型进行直观地表示.     

A trusted subject architecture for multilevel secureobject-oriented databases

We address security in object-oriented database systems for multilevel secure environments. Such an environment consists of users cleared to various security levels, accessing information labeled with varying classifications. Our purpose is three-fold. First, we show how security can be naturally incorporated into the object model of computing so as to form a foundation for building multilevel secure object-oriented database management systems. Next, we show how such an abstract security model can be realized under a cost-effective, viable, and popular security architecture. Finally, we give security arguments based on trusted subjects and a formal proof to demonstrate the confidentiality of our architecture and approach. A notable feature of our solution is the support for secure synchronous write-up operations. This is useful when low level users want to send information to higher level users. In the object-oriented context, this is naturally modeled and efficiently accomplished through write-up messages sent by low level subjects. However, such write-up messages can pose confidentiality leaks (through timing and signaling channels) if the timing of the receipt and processing of the messages is observable to lower level senders. Such covert channels are a formidable obstacle in building high-assurance secure systems. Further, solutions to problems such as these have been known to involve various tradeoffs between confidentiality, integrity, and performance. We present a concurrent computation model that closes such channels while preserving the conflicting goals of confidentiality, integrity, and performance. Finally, we give a confidentiality proof for a trusted subject architecture and implementation and demonstrate that the trusted subject (process) cannot leak information in violation of multilevel security     

The evaluation of access costs in object databases

Unfortunately, there is at present nothing to assist the system architect at design-time to determine whether a proposed architecture based on an object-oriented database system will perform as required. The problem is complex, the choice of suitable modelling approach difficult, and a construction of a model is often abstruse. In this paper we concentrate on a major model component: that describing the access of objects in a centralised database. We present the background for the research (modern corporate IS architectures), the choices we have made, the prototype design, and the mathematical model of the cost of object database access. We conclude the paper by describing a validation of the model and how it can be generalised. The paper has a number of objectives: first, to dispel the myth that performance modelling of object-oriented systems is an immensely difficult task; second, to show that techniques which have been in existence for some time for modelling are applicable, with some modification, to aspects of object-oriented database performance prediction; and, third, to detail a specific case study of access cost modelling which provides enough information to be replicated by other workers across a number of object-oriented database products.     

一种安全数据库多级安全模型与外键引用研究

提出一个新的安全数据库关系模型,包括一个多级安全模型和增强的外键引用功能.在多级安全模型中,通过扩展了Sandhu的MLR模型给出新的语义,使之描述现实世界更加合理和实用.另外,增强的外键引用功能提高了系统建模的能力.     

A nonrestrictive concurrency control protocol for object-oriented databases

We propose an algorithm for executing transactions in object-oriented databases. The object-oriented database model generalizes the classical model of database concurrency control by permitting accesses toclass andinstance objects, by permittingarbitrary operations on objects as opposed to traditional read and write operations, and by allowingnested execution of transactions on objects. In this paper, we first develop a uniform methodology for treating both classes and instances. We then develop a two-phase locking protocol with a new relationship between locks calledordered sharing for an object-oriented database. Ordered sharing does not restrict the execution of conflicting operations. Finally, we extend the protocol to handle objects that execute methods on other objects thus resulting in the nested execution of transactions. The resulting protocol permits more concurrency than other known locking-based protocols.     

A Sequence-Based Object-Oriented Model for Video Databases

Structuration, annotation and composition are amidst the most crucial modeling issues that video editing and querying in the context of a database entail. In this paper, we propose a sequence-based, object-oriented data model that addresses them in an unified, yet orthogonal way. Thanks to this orthogonality, the interactions between these three aspects are properly captured, i.e., annotations may be attached to any level of video structuration, and all the composition operators preserve the structurations and annotations of the argument videos. We also propose to query both the structuration and the annotations of videos using an extension of ODMG's OQL which integrates a set of algebraic operators on sequences. The overall proposal is formalized and implemented on top of an object-oriented DBMS.     

基于对象数据库的扩展Java集合框架

常规的数据持久化方法是通过对象关系映射把对象存储到关系数据库中,但是易用性和效率一直是个问题。提出了一种更加方便、性能更强的方法,即用对象数据库来存储海量数据。然而目前对象数据库的使用还不是非常广泛,不少程序员可能还不了解对象数据库的使用。提出的基于对象数据库的扩展Java集合框架(Java Collection Fram ework),可以使程序员操作对象数据库就像使用普通的Java集合框架一样方便,而且在性能上也优于普通的关系数据库。     

Security checking in relational database management systems augmented with inference engines

In this paper we will discuss the notion of multilevel security and the difficulties encountered in designing an implementation scheme for a security policy for a multilevel secure database management system (MLS/DBMS). We will then describe how these difficulties may be overcome in augmenting a database with an inference engine so that it functions like a knowledge based system.     

集成Web 数据的系统框架与实现方法

基于我们正在研究和开发的项目Panorama，本文提出了一个基于XML和CORBA的Web数据集成系统框架，该框架可以集成来自Web上多个异构的数据源，包括关系数据库、面向对象数据库,HTML和XML文档及结构化文本文件。在系统实现中，把Web看作是一个巨大的虚拟数据库，以CORBA作为分布式对象模型，以XML作为公共誓据模型，并且以XML-QL作为全局查询语言来完成Web上的数据查询和集成。文中还详细分析和描述了系统框架中的一些主要模块的实现方法，具有很好的可操作性。     

一种对象关系模型层次控制算法

面向对象需求模型的研究是软件需求领域的一个热门和课题。     

分布式数据库研究新趋势

本文从异构分布式数据库、网络数据库、移动数据库等几个方向，讨论了分布式数据库研究所面临的几个新课题，并对未来分布式数据库的发展前景作了展望。     

Design and implementation of a database inference controller

The Inference Problem compromises database systems which are usually considered to be secure. here, users pose sets of queries and infer unauthorized information from the responses that they obtain. An Inference Controller is a device that prevents and/or detects security violations via inference. We are particularly interested in the inference problem which occurs in a multilevel operating environment. In such an environment, the users are cleared at different security levels and they access a multilevel database where the data is classified at different sensitivity levels. A multilevel secure database management system (MLS/DBMS) manages a multilevel database where its users cannot access data to which they are not authorized. However, providing a solution to the inference problem, where users issue multiple requests and consequently infer unauthorized knowledge is beyond the capability of currently available MLS/DBMSs. This paper describes the design and prototype development of an Inference Controller for a MLS/DBMS that functions during query processing. To our knowledge this is the first such inference controller prototype to be developed. We also describe some extensions to the inference controller so that an integrated solution can be provided to the problem.     

Integration of object-oriented programming languages and database systems in KOPERNIK

KOPERNIK is an object-oriented database system, that allows uniform specification of database requests and application programs. The user interface is based on Smalltalk, and the object-oriented data model is represented in terms of classes and messages. Techniques are discussed for implementing such a model on top of an underlying relational database system. Those parts of application programs that cannot be translated into a relational language are handled by a Smalltalk processor. The semantics of the database requests is defined in terms of a meta-model and meta-messages, using an object-oriented approach. Hence we derive rules for translation of database requests into SQL queries over a binary relational view, introduced as an intermediate level between the underlying database and our conceptual view.     

从面向对象数据库模式到关系数据库模式的转换

本文提出了一种从面向对象数据库模式到关系数据库模式的映射及基于该映射的模式转换算法。以查询为例,说明了面向对象数据库中的特有语义仍能保留在转换后的关系模式中,而且从面向对象数据库到关系数据库的基于该模式转换中操纵运算的转换也是切实可行的。所得的模式转换结果可应用于面向对象数据库和关系数据库之间的互操作。     

A model for evaluation and administration of security inobject-oriented databases

The integration of object-oriented programming concepts with databases is one of the most significant advances in the evolution of database systems. Many aspects of such a combination have been studied, but there are few models to provide security for this richly structured information. We develop an authorization model for object-oriented databases. This model consists of a set of policies, a structure for authorization rules, and algorithms to evaluate access requests against the authorization rules. User access policies are based on the concept of inherited authorization applied along the class structure hierarchy. We propose also a set of administrative policies that allow the control of user access and its decentralization. Finally, we study the effect of class structuring changes on authorization     

Semantic multigranularity locking and its performance in object-oriented database systems

Concurrency control schemes for object-oriented database systems (OODBSs) used in the area of performance-critical applications should increase the degree of concurrency and decrease locking overhead in order to offer maximum performance. However, most commercially available OODBSs use conventional concurrency control schemes that never exploit the rich semantics of object-oriented data model, thus fail to offer better performance. In this paper, we propose a concurrency control scheme for OODBSs, called in-place semantic multigranularity locking (ISMGL), that not only exploits semantics regarding methods to enhance the concurrency degree, but also utilizes multigranularity locking rules to decrease locking overhead. The novel aspect of ISMGL is that it combines conventional multigranularity locking and nested transaction model with utilizing commutativity of methods. Our concurrency control scheme is applicable for realistic OODBSs in the presence of complex objects with shared subobjects. Lastly, we evaluate the performance of ISMGL by using a simulation study.     

Modelling data secrecy and integrity

The paper describes a semantic data model used as a design environment for multilevel secure database applications. The proposed technique is built around the concept of security classification constraints (security semantics) and takes into account that security restrictions may either have effects on the static part of a system, on the behavior of the system (the system functions), or on both. As security constraints may influence each other appropriate integrity mechanisms are necessary and modelling of a multilevel application must be data as well as function driven. This functionality is included in the proposed semantic data model for multilevel security by developing secure data schemas, secure function schemas, a procedure for alternating iterative refinements on either schema, and a powerful integrity system to check the consistency of the classification constraints and of the multilevel secure database application.     

Object-oriented query language access to relational databases: A semantic framework for query translation

This research investigates and approach to query processing in a multidatabase system that uses an objectoriented model to capture the semantics of other data models. The object-oriented model is used to construct a global schema, defining an integrated view of the different schemas in the environment. The model is also used as a self-describing model to build a meta-database for storing information about the global schema. A unique aspect of this work is that the object-oriented model is used to describe the different data models of the multidatabase environment, thereby extending the meta database with semantic information about the local schemas. With the global and local schemas all represented in an object-oriented form, structural mappings between the global schema and each local schema are then easily supported. An object algebra then provides a query language for expressing global queries, using the structural mappings to translate object algebra queries into SQL queries over local relational schema. The advantage of using an object algebra is that the object-oriented database can be viewed as a blackboard for temporary storage of local data and for establishing relationships between different databases. The object algebra can be used to directly retrieve temporarily-stored data from the object-oriented database or to transparently retrieve data from local sources using the translation process described in this paper.