| 基于安全策略的一种数据保护方法及实现技术 |
| |
| 引用本文: | 张孝,王珊,彭朝晖.基于安全策略的一种数据保护方法及实现技术[J].计算机科学,2007,34(2):122-124. |
| |
| 作者姓名: | 张孝 王珊 彭朝晖 |
| |
| 作者单位: | 中国人民大学信息学院,北京,100872 |
| |
| 摘 要: | 防止非法访问一直是数据库安全的重要内容,但随着防火墙、权限检查等技术的成熟,应用中越来越多的安全威胁开始来自数据管理者。本文给出了在数据库上采用安全策略的一种数据保护方法和基本原则,它能够防范系统外的入侵者,也能够防止数据库管理者的数据泄漏。同时我们还根据安全策略的定义,给出相应的查询优化指导方法。简单分析表明,执行引擎根据数据库操作的代价特点优化或重写查询能显著减小安全检查带来的性能影响。
|
| 关 键 词: | 安全策略 安全标签 查询优化 |
One Method and Implementation of Security-Policy-based Data Protection |
| |
| ZHANG Xiao,WANG Shan,PENG Zhao-Hui.One Method and Implementation of Security-Policy-based Data Protection[J].Computer Science,2007,34(2):122-124. |
| |
| Authors: | ZHANG Xiao WANG Shan PENG Zhao-Hui |
| |
| Affiliation: | School of Information, Renmin University of China, Beijing 100872 |
| |
| Abstract: | Preventing unauthorized access is always one of the main issues to database security,however,internal administrator becomes one threat more and more while facilities like firewall are maturing and widely laid out.A security-policy-based method and its principles are introduced in this paper,which can either defense the external intruders or the leakage of sensitive data because of the administrator(s).We also present several guidelines for cost-based query optimization according to the filter functions of the security policy.The basic analyses show it is feasible to effectively reduce the overhead of security checking by query rewriting and optimization in a query engine. |
| |
| Keywords: | Security policy Security label Query optimization |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
点击此处可从《计算机科学》下载全文 |
