The extension of the IDEA Methodology for a multilevel secure schema design

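  • 김정종 (Department of Computer Engineering, Kyungnam University)
  • 박운재 (Department of Computer Science, Korea Textile and Fashion College)
  • 심갑식 (Division of General Education, Jinju Industrial University)
  • Published: 2000.03.01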

Abstract

Designing a multilevel database application is a complex process, and the entities and their associated security levels must be represented unambiguously using an appropriate model. It is also important to capture the semantics of a multilevel database application as accurately and completely as possible. Because the IDEA Methodology for designing non-secure database applications focuses on data-intensive systems, its Object Model describes the static structure of the objects in an application and their relationships. That is, the Object Model in the IDEA Methodology is an extended Entity-Relationship model that gives a static description of objects. The IDEA Methodology was not developed for multilevel secure database applications, but by using an existing methodology we can take advantage of the various techniques that have already been developed for it. That is, designing a multilevel secure schema this way is easier than developing a new model from scratch. This paper adds security features to the Object Model in the IDEA Methodology and presents the transformation from this model to a multilevel secure object-oriented schema. This schema will serve as preliminary work toward a general scheme for automatic mapping to various commercial multilevel secure database management systems such as Informix-Online/Secure, Trusted ORACLE, and Sybase Secure SQL Server.
