|
Vol: 49(63) No: 3 / September 2004 Simple Model for Database Information Integrity Dorin Iordache Information Technology Department, Naval Academy, Fulgerului Street, No.1, Constanta, Romania, phone: 0241-653000, e-mail: diordache@seanet.ro Keywords: data integrity, database security, digests, digital signature, cryptography Abstract Within computer systems the processed information must be believable. As far as the database is concerned the problem changes. On the one hand, the information must come from an authorized source, and on the other hand it must be identified as authentically. The authorization issue may be solved with the help of the security models implemented within the database management system. The only problem that may arise is whether the stored information is true and believable. In the following article I intend to describe a mechanism which would allow us to check the degree of truth of the information, at a field level, assuming all the users have the same rights over a certain relations, but it is illegal to alter a certain field. By using such mechanism, one can easily determine the data, which have been altered without any authorization. References [1] Iordache D. , Ameninţări asupra securitătii sistemelor de calcul, Buletinul Stiintific al ANMB nr. 3-4, 2001 [2] Castano, S., Fugini M.G., Martella G., Samarati P., Database Security, Addison-Wesley Publishing Company, 1994 [3] Amoroso, E. ,Fundamentals of Computer Security Technology, Prentice Hall International Editions, 1994 [4] Merkle R.C., Hellman M.E., Hiding information and signatures in trapdoor knapsacks, IEEE trans. On Inform. Theory, sept. 1978 [5] Federal Information Processing Standards Publication 180-1.Secure Hash Standard [6] Patriciu V.V., Criptografia şi securitatea reţelelor de calculatoare, Editura Tehnică, Bucureşti, 1994 [7] L.C.Dion, A Complete Protection Model, in proceedings IEEE Symp. on Security and Privacy, Oakland, CA, 1981 [8] M.Winslett,K.Smith, Entity Modeling in the MLS Relational Model, Proceedings of the 18-th VLBD Conference, Vancouver, Canada, 1992 [9] J.McLean, A Comment on the \"Basic Security Theorem\" of Bell and LaPadula, http://chacs.nrl.navy.mil/publications/CHACS/Before1990/1985mclean-ipl.pdf [10] Iordache D., Modele de securitate pentru bazele de date, Buletinul Stiintific al Academiei Navale Mircea cel Batran nr. 2 , 2001 [11] El Gamal. T., A Public Key Cryptosystem and a signature scheme based on discrete logarithm. IEEE Trans. Inf. Theory. vol IT - 31 1985 [12] Knudsen, J., Java cryptography, O’Reilly, pp.70-88, 1998 [13] Iordache, D., Secure Database Login Using Java Cryptography, Journal of Naval Science and Engineering, Turkey, vol.2, no.1, pp.15-25, 2003 |