تعزيز المعالجة الآمنة و الفعالة للاستعلامات في ظل النموذج Truman للتحكم بالوصول على المستوى الناعم

Authors

  • يوسف دلا
  • آلاء اكر

Abstract

The increase in sensitive online transactions of organizations across the network has made database an important asset to the organization and thus became a target for internal and external security breaches. Due to the failure of traditional data protection systems, researchers have sought to the Fine-Grained Access Control (FGAC) model to perform this task because of its accuracy in meeting current security requirements at the level of records, columns and even individual cells. Despite the diversity of proposed FGAC methods, they are classified into two main models: Truman & Non-Truman model.

The research is mainly concerned with the study of the problems resulting from the enforcing of the access control policy under the Truman model, we have concentrated on the weakness of the performance of the restricted query and studied the factors affecting it. We have improved the performance by predicate caching , and enhanced  the safe processing of queries under this model, reducing the likelihood of leakage through user-defined functions.

إن تزايد التعاملات الإلكترونية للمنظمات الحساسة عبر الشبكة جعل من قواعد البيانات أحد الأصول المهمة للمنظمة ، وأصبحت بالتالي هدفاً للاختراقات الأمنية الداخلية منها والخارجية . و بسبب فشل الأنظمة التقليدية في حماية البيانات توجه الباحثون نحو نموذج التحكم بالوصول على المستوى الناعم Fine-Grained Access Control ( FGAC )  لأداء تلك المهمة وذلك لما يمتاز به من دقة في تحقيق المتطلبات الأمنية الحالية على مستوى الأسطر و الأعمدة وحتى الخلايا المفردة. وعلى الرغم من تنوع الأساليب المقترحة للنموذج FGAC فإنها تصنف إلى نموذجين رئيسيين هما Truman & Non-Truman model .

قمنا بالاهتمام بشكل أساسي بدراسة المشاكل المترتبة على فرض سياسة التحكم بالوصول في ظل النموذج Truman ، و أهمها ضعف أداء الاستعلام المقيد و درسنا العوامل المؤثرة على ذلك . عملنا على تحسين الأداء عبر تخزين الشروط  ، كما عملنا على تعزيز المعالجة الآمنة للاستعلامات في ظل هذا النموذج بما يقلل من احتمالات التسرب عبر التوابع المعرفة من قبل المستخدم .

Downloads

Published

2018-10-21

How to Cite

1.
دلا ي, اكر آ. تعزيز المعالجة الآمنة و الفعالة للاستعلامات في ظل النموذج Truman للتحكم بالوصول على المستوى الناعم. Tuj-eng [Internet]. 2018Oct.21 [cited 2024Apr.25];39(6). Available from: https://journal.tishreen.edu.sy/index.php/engscnc/article/view/4251

Issue

Vol. 39 No. 6 (2017): العلوم الهندسية

Section

Articles

License

Copyright (c) 2018 ttps://creativecommons.org/licenses/by-nc-sa/4.0/

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

The authors retain the copyright and grant the right to publish in the magazine for the first time with the transfer of the commercial right to Tishreen University Journal for Research and Scientific Studies - Engineering Sciences Series

 Under a CC BY- NC-SA 04 license that allows others to share the work with of the work's authorship and initial publication in this journal. Authors can use a copy of their articles in their scientific activity, and on their scientific websites, provided that the place of publication is indicted in  Tishreen University Journal for Research and Scientific Studies - Engineering Sciences Series   .  The Readers have the right to send, print and subscribe to the initial version of the article, and the title of  Tishreen University Journal for Research and Scientific Studies - Engineering Sciences Series     Publisher

journal uses a CC BY-NC-SA license which mean

You are free to:

  • Adapt — remix, transform, and build upon the material
  •  
  • The licensor cannot revoke these freedoms as long as you follow the license terms.

 

  • Attribution — You must give appropriate credit, provide a link to the license, and indicate if changes were made. You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
  • NonCommercial — You may not use the material for commercial purposes.
  • ShareAlike — If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.
  • No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.