الفهرس 
Chapter-1: IntroductionOnly 14 pages are availabe for public view
 |  | from | 100 |  |  |
| | | from | 100 | | |
Abstract
Databases are basis of E-commerce, and Enterprise Resource Planning
(ERP) and other applications using sensitive data. There are many threats that
bluster these databases such as violation of confidentiality, violation of
integrity and denial of service .So providing security for database is an
important requirement for organizations running the database. Database
security techniques depends on detection and preventing of these violations.
There are many countermeasures to ensure security in the database such as
access control, flow control, inference control, authentication and encryption.
Each countermeasure provide a set of mechanisms and models to provide
security to databases against a predefined threats.
Access control models are important requirement to ensure
confidentiality in relational database systems. Many models have been
proposed for controlling access to database objects such as Discretionary
Access Control (DAC), Mandatory Access Control (MAC), Role Based Access
Control (RBAC) and query modification model. Each of these models have
many limitations which may result in many problems to the database related to
the performance and size of the database or to keeping the database
confidentiality.
In this thesis, a model that control access to database is proposed which
is based on query modification and role based access control. While RBAC is
used to specify the security policy, the query modification modifies the user
queries according to the roles granted to him. The RBAC schema is used to
store the privacy Meta Data instead of associating a disclosure table with each
table in the database which reduces the database size and therefore reduces the query execution times. Also it reduces the administration and maintenance
overhead of the user policy specially in the case of changing the application
Requirements. In addition, it is independent on the back end database used and
includes Insert, Update, and Delete statements in the modification.
A set of experiments have been conducted on a sample database. The
obtained results show that the proposed model reduced the execution time as a
result of reducing the database size compared to the query modification of
Hippocratic database that associate a disclosure table with each table in the
database to store the privacy meta data.