304 Pages 76 B/W Illustrations
    by Auerbach Publications

    Since databases are the primary repositories of information for today’s organizations and governments, database security has become critically important. Introducing the concept of multilevel security in relational databases, this book provides a comparative study of the various models that support multilevel security policies in the relational database—illustrating the strengths and weaknesses of each model.

    Multilevel Security for Relational Databases covers multilevel database security concepts along with many other multilevel database security models and techniques. It presents a prototype that readers can implement as a tool for conducting performance evaluations to compare multilevel secure database models.

    The book supplies a complete view of an encryption-based multilevel security database model that integrates multilevel security for the relational database with a system that encrypts each record with an encryption key according to its security class level. This model will help you utilize an encryption system as a second security layer over the multilevel security layer for the database, reduce the multilevel database size, and improve the response time of data retrieval from the multilevel database.

    Considering instance-based multilevel database security, the book covers relational database access controls and examines concurrency control in multilevel database security systems. It includes database encryption algorithms, simulation programs, and Visual Studio and Microsoft SQL Server code.

    Concepts of Database Security
    Database Concepts
    Relational Database Security Concepts
    Access Control in Relational Databases
         Discretionary Access Control 
         Mandatory Access Control 
         Role-Based Access Control
    Work Objectives
    Book Organization

    Basic Concept of Multilevel Database Security
    Introduction
    Multilevel Database Relations
    Polyinstantiation 
         Invisible Polyinstantiation 
         Visible Polyinstantiation 
         Types of Polyinstantiation 
         Architectural Considerations in Supporting Polyinstantiation
    Multilevel Database Security Models 
         SeaView Model
         Jajodia–Sandhu Model 
         Smith–Winslett Model
         MLR Model
         Belief-Consistent Multilevel Secure Data Model
    Performance Study 
         Experimental Database Structure
         Impact of Varying the Number of Tuples 
         Impact of Varying the Number of Attributes
         Impact of Varying the Number of Security Levels 
         Analysis of Experimental Results
    Summary

    Implementation of MLS/DBMS Models
    Introduction
    SeaView Model 
         Selected Operation Procedure 
         Insert Operation Procedure 
         Update Operation Procedure 
         Delete Operation Procedure
    Jajodia–Sandhu Model 
         Select Operation Procedure
         Insert Operation Procedure 
         Update Operation Procedure 
         Delete Operation Procedure
    Smith–Winslett Model
         Select Operation Procedure
         Insert Operation Procedure
         Update Operation Procedure 
         Delete Operation Procedure
    Multilevel Relational (MLR) Model 
         Select Operation Procedure 
         Insert Operation Procedure 
         Update Operation Procedure 
         Delete Operation Procedure
         Uplevel Operation Procedure
    Belief-Consistent Multilevel Secure Relational Data Model 
         Basic Procedures for Operations 
              Xview (Label) Procedure 
              Pl (Label) Procedure 
              Sl (Label) Procedure 
              Ib (Label) Procedure 
         Select Operation Procedure 
         Insert Operation Procedure 
         Verify Operation Procedure 
         Update Operation Procedure 
         Delete Operation Procedure
    Comparative Study for Multilevel Database Models
    Summary

    Fundamentals of Information Encryption
    Introduction
    Basic Concepts of Cryptography
         Goals of Cryptography
         Principles of Encryption
    Classification of Encryption Algorithms 
         Classification according to Encryption Structure 
         Classification according to Keys 
         Classification according to Percentage of Encrypted Data
    Cryptanalysis
    Conventional Symmetric Block Ciphers 
         Data Encryption Standard (DES) 
         Double DES 
         Triple DES 
         International Data Encryption Algorithm (IDEA)
         Blowfish 
         RC5 Algorithm
              RC5 Encryption Algorithm
              RC5 Decryption Algorithm 
              RC5 Key Expansion 
         RC6 Algorithm 
              RC6 Encryption Algorithm 
              RC6 Decryption Algorithm 
         The Advanced Encryption Standard (AES)
    Modes of Operation 
         The ECB Mode 
         The CBC Mode 
         The CFB Mode 
         The OFB Mode

    Encryption-Based Multilevel Model for DBMS
    Introduction
    The Encryption-Based Multilevel Database Model
    Manipulation 
         The INSERT Statement 
         The DELETE Statement
         The SELECT Statement 
         The UPDATE Statement 
         The UPLEVEL Statement
    Performance Study 
         Experimental Database Structure 
         SELECT Query 
              Impact of Varying the Number of Tuples 
              Impact of Varying the Number of Attributes
              Impact of Varying the Number of Security Levels 
         JOIN Query 
              Impact of Varying the Number of Tuples 
              Impact of Varying the Number of Attributes 
              Impact of Varying the Number of Security Levels 
         UPDATE Query
    Analysis of Experimental Results
    Summary

    Formal Analysis for Encryption-Based Multilevel Model for DBMS
    Introduction
    The Encryption-Based Multilevel Model for DBMS Definition
         MLR Model Definition
         Encryption-Based Multilevel Model for DBMS Definition
    Integrity Properties 
         Entity Integrity
         Polyinstantiation Integrity 
         Data-Borrow Integrity 
         Foreign Key Integrity
         Referential Integrity
    Manipulation
         The INSERT Statement 
         The DELETE Statement 
         The SELECT Statement 
         The UPDATE Statement 
         The UPLEVEL Statement
    Soundness 
         Case 1: In the INSERT Operation 
         Case 2: In the DELETE Operation 
         Case 3: In the UPDATE Operation
         Case 4: In the UPLEVEL Operation
    Completeness
    Security
    Summary

    Concurrency Control in Multilevel Relational Databases
    Introduction
    Related Work
    Enhanced Secure Multiversion Concurrency Control Model
    Performance Evaluation
         Workload Model 
         System Model 
         Experiments and Results
    Correctness of the Enhanced Secure Multiversion Concurrency Control Model 
         Proof of Correctness
    Summary

    The Instance-Based Multilevel Security Model
    Introduction
    The Instance-Based Multilevel Security Model (IBMSM) 
         Definition 1: The Property View 
         Definition 2: The Class View 
         Definition 3: The Instance View at Classification Level Lj
    The Advantages of IBMSM
    The Select Operation Procedure of the IBMSM
    Insert Operation Procedure of the IBMSM
    The Update Operation Procedure of the IBMSM
    The Delete Operation Procedure of the IBMSM
    Comparative Study for Polyinstantiation Models
    Summary

    The Source Code
    Introduction
    Screen Shots of the Prototype
    Source Code of the Microsoft SQL Server 
         Source Code of the Data Security Classification Level Tables 
         Source Code of the User Security Classification Levels 
         Source Code of the Modifications to the Base Table 
         Source Code of the View for Each Model of the Multilevel Relational Database Models
    Source Code of the Microsoft Visual Studio C# 
         Source Code of the Classes 
         Source Code of the Login Form 
         Source Code of the Queries Form 
         Source Code of the Query Form 
         Source Code of the Concurrency Control Form

    References

    Index

    Biography

    Osama S. Faragallah received a B.Sc. (Hons.), M.Sc., and Ph.D. in computer science and engineering from Menoufia University, Egypt, in 1997, 2002, and 2007 respectively. He is currently an associate professor in the Department of Computer Science and Engineering, Faculty of Electronic Engineering, Menoufia University. He was a demonstrator from 1997 to 2002 and an assistant lecturer from 2002 to 2007. Since 2007 he has been a member of the teaching staff of the Department of Computer Science and Engineering at Menoufia University. He is the co-author of about 100 papers in international journals, conference proceedings, and two textbooks. His current research interests include network security, cryptography, Internet security, multimedia security, image encryption, watermarking, steganography, data hiding, medical image processing, and chaos theory.

    El-Sayed M. El-Rabaie (SM'92) was born in Sires Elian, Egypt, in 1953. He received a B.Sc. (Hons.) in radio communications from Tanta University, Tanta, Egypt in 1976, an M.Sc. in communication systems from Menoufia University, Menouf, Egypt in 1981, and a Ph.D. in microwave device engineering from Queen's University of Belfast, Belfast, U.K. in 1986. Until 1989, Dr. El-Rabaie was a postdoctoral fellow in the Department of Electronic Engineering, Queen's University of Belfast. He was invited to become a research fellow in the College of Engineering and Technology, Northern Arizona University, Flagstaff in 1992, and a visiting professor at the Ecole Polytechnique de Montreal, Montreal, QC, Canada in 1994. He has authored and co-authored more than 180 papers and 18 textbooks. He was awarded the Salah Amer Award of Electronics in 1993 and the Best (CAD) Researcher from Menoufia University in 1995. He acts as a reviewer and member of the editorial board for several scientific journals.

    Professor El-Rabaie was the head of the Electronic and Communication