|
Vol: 49(63) No: 3 / September 2004 Remote Database Access Control Dorin Iordache Information Technology Department, Naval Academy, Fulgerului Street, No.1, Constanta, Romania, phone: 0241-653000, e-mail: diordache@seanet.ro Keywords: database, security, authentication, information, cryptography Abstract Database access control is extremely important in computer systems security and requires extensive funds at the same time. Under normal circumstances any piece of information transmitted at the level of the computer network interfaces can be intercepted. The user authentication is achieved with the help of an account and a password. Unless hardware systems for access control are used, it is essential to implement a software mechanism in order to protect the data allowing access in the system. Such a mechanism, which is going to be analyzed in the following article, consists of extracting the digest of the access password and signing it with the user’s data. The described procedures can be easily implemented in JAVA and increase the security of the computer systems as well, especially as far as database access control is concerned. References [1] Ullman, J.D., Principles of Database Systems, Computer Science Press, 1980 [2] Iordache, D., Database security policies for internet architecture, SINTES-11, Craiova-Romania, pp. 350-353, 23-24 oct. 2003. [3] Iordache, D., Improving security access database, Journal of Naval Science and Engineering, Turkey, vol.1, no.2, pp.1-8, 2003 [4] Krause, M., Tipton H., Handbook of Information Security Management, CRC Press LLC ,1997 [5] Harrison, M., Ruzzo W.L., Ullman J.D.,Protection in Operating System, Communications of the ACM, vol. 19, 1976 [6] Castano, S., Fugini M.G., Martella G., Samarati P., Database Security, Addison-Wesley Publishing Company, 1994 [7] Amoroso, E. ,Fundamentals of Computer Security Technology, Prentice Hall International Editions, 1994 [8] Summers, R.C., Secure Computing: Threats and Safeguards, McGraw-Hill, 1997 [9] Scott, N., Database security: protecting sensitive and critical information, http://www.infosyssec.org., 2003 [10] Iordache, D., Database security mechanism, SINTES-11, Craiova- Romania, pp.345-349, 23-24 oct. 2003 [11] Dion L.C. , A Complete Protection Model, in proceedings IEEE Symp. on Security and Privacy, Oakland, CA, 1981 [12] Knudsen, J., Java cryptography, O’Reilly, pp.70-88, 1998 [13] Iordache, D., Secure Database Login Using Java Cryptography, Journal of Naval Science and Engineering, Turkey, vol.2, no.1, pp.15-25, 2003 |