IY5604 Database Security
This module covers several aspects of database security and the related subject of concurrency control in distributed databases. We will discuss methods for concurrency control and failure recovery in distributed databases and the interaction between those methods and security requirements. We will also examine how access control policies can be adapted to relational and object-oriented databases.
At the end of the module the student should:
- understand how multi-level security can be preserved within a database whilst still permitting the concurrent execution of transactions.
- understand why confidentiality is so difficult to achieve within a statistical database.
- understand the implications that security and its administration have in the context of commercial databases such as Informix and Oracle.
Introduction: concurrency, fault tolerance and security.
Concurrency control and failure recovery: locking strategy and deadlock detection.
Transaction theory: serializability and recoverability.
Distributed databases: data replication and commit protocols.
Database Security: data confidentiality and data integrity, inference and aggregation, security in object-oriented database systems.
- P.A. Bernstein, V. Hadzilacos and N. Goodman, Concurrency Control and Recovery in Database Systems, Addison-Wesley, 1987.
- S. Castano, M. Fugini, G. Martella, P. Samarati, Database Security, Addison-Wesley, 1994.
- C.J. Date, An Introduction to Database Systems, Volume 1, Addison-Wesley, 1985.
- C.J. Date, An Introduction to Database Systems, Volume 2, Addison-Wesley, 1985.
- D.E. Denning, Cryptography and Data Security, Addison-Wesley, 1983.