Dağıtık veri tabanı sistemlerinde çok seviyeli güvenlik modeli

Year 2022, Volume: 28 Issue: 2, 266 - 276, 30.04.2022

Çiğdem Bakır Mehmet Güçlü

Abstract

Bilgi güvenliği, bilgiye erişim sağlayarak onu yetkisiz kullanma, değiştirme veya yayma gibi faaliyetleri önleme çabasıdır. Bu, sadece bilginin ele geçirilmesi olarak düşünülmemeli, aynı zamanda bütünlük, erişilebilirlik ve gizlilik gibi unsurların ihlal edilmesinin engellenmesi olarak da değerlendirilmelidir. Bu üç temel unsurdan herhangi birinde oluşan zafiyet, bilgi güvenliğinin ihlali olarak ele alınacaktır. Bu çalışmada, çok seviyeli bir erişim kontrol metodunun geliştirilmesi amacıyla Geliştirilmiş Bell-LaPadula güvenlik modeli dağıtık sistemlere uyarlanmış ve böylece dağıtık veritabanı sistemlerinde bilgi güvenliğinin üç temel unsurundan biri olan gizlilik özelliğinin nasıl sağlandığının gösterilmesi amaçlanmıştır. Çalışmada önerilen geliştirilmiş model, gerçek hayattan alınmış veri kümesi üzerine uygulanmıştır. Önerilen modelin performansı, Rol Tabanlı Erişim Kontrolü ve Geleneksel Erişim Kontrolü modellerinin performansları ile karşılaştırılmıştır. Elde edilen sonuçlar kıyaslandığında, önerilen model ile verilerin daha güvenli ve hızlı bir şekilde kullanıcıların paylaşımına sunulduğu gözlemlenmiştir.

Keywords

Erişim kontrolü, Bell-Lapuda, Güvenlik, Gizlilik

Multi-Level security model in distributed database systems

Abstract

Information security is related with efforts put in to avoid activities such as unauthorized usage, changing or disseminating of information by having access to this information. This should not be only thought as capturing of information but also as avoiding the violation of particulars such as integrity, availability, and confidentiality. Vulnerability that occurs in any one of these three basic elements will be evaluated as violation of information security. In this study, a multi-level access control method was developed. With the model proposed, in addition to the security policies offered by the Bell-LaPadula access control model, a new set of rules was defined and expanded, and a flexible and dynamic access control model was presented. The developed model being proposed in the study has been applied on data cluster which has been obtained from real life. Performance of the proposed model has been compared with the performances of Traditional Access Control models. When the obtained results were compared, it was observed that object access levels were presented more consistently and quickly with the proposed model.

Keywords

Access control, Bell-Lapuda, Security, Confidentilality

References

• [1] Andress J. The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice Algorithms. 2nd ed. USA, Elsevier, 2011.
• [2] Sukumarana SC, Misbahuddinb M. “PCR and bio-signature for data confidentiality and integrity in mobile cloud computing”. Journal of King Saud University-Computer and Information Sciences, 33(4), 426-435, 2021.
• [3] Whitman M, Mattord HJ. Principles of Information Security. 4th Course Technology, USA, Cengage Learning, 2012.
• [4] Ferraiolo DF, Kuhn, DR. “Role based access control”. 15th National Computer Security Conference, Gaithersburg, USA, 13-16 October 1992.
• [5] Abidin S, Rana V. “On confidentiality, integrity, authenticity and freshness (CIAF) in WSN”. Advances in Computer Communication and Computational Sciences, 1158(1), 87-97, 2021.
• [6] Charaf L, Allihamidi I, Addaim A. “A distributed XACML based access control architecture for IoT systems”. 2020 1st International Conference on Innovative Research in Applied Science, Engineering and Technology (IRASET), Meknes, Morocco, 16-19 April 2020.
• [7] Shin MS, Jeon HS, Ju YW, Lee BJ, Jeong, SP. “Constructing RBAC based security model in u-healthcare service platform”. The Scientific World Journal, 2015(4), 1-13, 2015.
• [8] Ge C, Liu Z, Fang L. “A blockchain based decentralized data security mechanism for the Internet of things”. Journal of Parallel and Distributed Computing, 141, 1-9, 2020.
• [9] Chow SM, Lee JH, Subramanian, L. “Two-party computation model for privacy-preserving queries over distributed databases”. Network and IT Security Conference, NDSS Symposium, California, USA, 08-11 February 2009.
• [10] Kumar R, Bhatia MP. “A Systematic review of the security in cloud computing: Data integrity, confidentiality and availability”. 2020 IEEE International Conference on Computing Power and Communication Technologies (GUCON), Greater Noida, India, 2-4 October 2020.
• [11] Kotari M, Chiplunkar NN. “Investigation of security issues in distributed system monitoring”. Information Sciences, Springer, 2020. http://doi: 10.1007/978-3-030-22277- 2_24.
• [12] Kotari M, Chiplunkar NN, Nagesh HR. “Framework of security mechanisms for monitoring adaptive distributed systems”. IOSR Journal of Computer Engineering (IOSR-JCE), 18(4), 25-36, 2016.
• [13] Naeem W, Shah MA, Malik AK. “Privacy-preserving in collaborative working environments”. Proceedings of the IOARP International Conference on Communication and Networks, London, United Kingdom, 1-3 December 2015.
• [14] Bertolissi C, Fernandez, M. “A metamodel of access control for distributed environments: Applications and properties”. Information and Computation, 238, 187-207, 2014.
• [15] Bertolissi C, Fernandez, M. “A metamodel of access control for distributed environments: Applications and properties”. Information and Computation Journal, 238(1), 187-207, 2014.
• [16] Dasgupta D, Roy A, Ghosh D. “Multi-user permission strategy to access sensitive information”. Information Sciences, Elsevier, 2017. http://doi: 10.1016/j.ins.2017.09.039.
• [17] Balamurugan B, Shivitha NG, Monisha V, Saranya, V. “A Honey bee behaviour inspired novel attribute-based access control using enhanced bell-lapadula model in cloud computing”. Innovation Information in Computing Technologies (ICIICT), 2015 International Conference on, IEEE, Chennai, India, 19-20 Februrary 2015.
• [18] Özsu MT, Valduriez P. Principles of Distributed Database Systems. 3rd ed. USA, Springer Science & Business Media, 2011.
• [19] Rahimi SK, Haug FS. Distributed Database Management Systems: A Practical Approach. 3rd ed. New York, USA, Wiley India Private Limited, 2015.
• [20] Tchernykh A, Schwiegelsohn U, Babenko M. “Towards understanding uncertainty in cloud computing with risks of confidentiality, integrity, and availability”. Journal of Computational Science, 36, 1-9, 2019.
• [21] Elmagarmid A, Rusinkiewics M, Sheth A. Management of Heterogeneous and Autonomous Database Systems. 1st ed. San Francisco, California, Morgan Kaufmann Publishers, 1999.
• [22] Zhang Y, Ye X, Xie F, Peng Y. “A practical database intrusion detection system framework”. 2009 Ninth IEEE International Conference on Computer and Information Technology, Xiamen, China, 11-14 October 2009.
• [23] Kumar R, Tripathi R. “Scalable and secure access control policy for healthcare system using blockchain and enhanced Bell-LaPadula model”. Journal of Ambient Intelligence and Humanized Computing, 12(1) 2321-2338, 2021.
• [24] Crampton J, Leung W, Beznosov K. “The secondary and approximate authorization model and its application to Bell-LaPadula policies”. ACM Symposium on Access Control Models and Technologies, California, USA, 07 June 2006.
• [25] Sánchez R, Steven AD, Mohammed SB. “A service-based RBAC & MAC approach incorporated into the FHIR standard”. Digital Communications and Networks, 5(4), 214-225, 2019.
• [26] Pitts A. “Foundations of software science and computation structures”. FoSSaCS: International 18th International Conference on Theory and Practice of Software, London, UK, 11-18 April 2005.
• [27] Thuraisingham B. “Security for distributed databases”. Information Security Technical Report, 6(2), 95-11, 2001.
• [28] Bertino E, Sandhu R. “Database security-concepts, approaches and challenges”. IEEE Transactions on Dependable and Secure Computing, 2(1), 2-19, 2005.
• [29] Özcanhan MH. “A new peculiarity to intelligent doors: Security through information sharing”. Pamukkale University Journal of Engineering Sciences, 23(5), 581-587, 2017.
• [30] Gunduz MZ, Daş R. “Nesnelerin interneti: Gelişimi, bileşenleri ve uygulama alanları”. Pamukkale Mühendislik Fakültesi Dergisi, 24(2), 327-335, 2018.