Secure Database Development
Secure database design; Secure DBMS development
This entry considers how to build secure database system software. In particular, it describes how to build a general-purpose database management system where security is an important design parameter. For the database community, the words secure database design may refer to the schema design to produce a database for a specific application with some level of security properties. There is a large amount of literature on this latter subject and a related entry in this encyclopedia (Database security). This entry concentrates mostly on how to build the software of a DBMS such that it exhibits security properties, which is called secure database development. Both approaches are contrasted so that the reader can decide which one of these problems applies to their specific case but more space is dedicated to the general secure database development problem.
While there is a large number of papers on...
- 2.Castano S, Fugini M, Martella G, Samarati P. Database security. Addison-Wesley; 1994.Google Scholar
- 4.Fernandez EB, Summers RC, Wood C. Database security and integrity (Systems Programming Series). Addison-Wesley; 1981.Google Scholar
- 5.Fugini M. Secure database development methodologies. In: Landwehr CE editor. Database security: status and prospects. Elsevier; 1987. p. 103–29.Google Scholar
- 6.Fernandez EB, Larrondo-Petrie MM, Sorgente T, VanHilst M. A methodology to develop secure systems using patterns, Chapter V. In: Mouratidis H, Giorgini P, editors. Integrating security and software engineering: advances and future vision. IDEA Press; 2006. p. 107–26.Google Scholar
- 9.Ge X, Polack F, Laleau R. Secure databases: an analysis of Clark-Wilson model in a database environment. In: Proceedings of the 16th International Conference on Advanced Information Systems Engineering; 2004. p. 234–47.Google Scholar
- 10.Jürjens J, Wimmel G. Formally testing fail-safety of electronic purse protocols. In: Proceedings of the 16th IEEE International Conference on Automated Software Engineering; 2001. p. 408–11.Google Scholar
- 11.Jürjens J, Wimmel G. Security modelling for electronic commerce: the common electronic purse specifications. In: Proceedings of the 1st IFIP Conference on E-Commerce, E-Business, E-Government; 2001. p. 489–506.Google Scholar
- 12.Fernández-Medina E, Piattini M. Extending OCL for secure database development. In: Proceedings of the International Conference on the Unified Modeling Language; 2004. p. 380–94.Google Scholar
- 14.Hafner M, Breu R. Towards a MOF/QVT-based domain architecture for model driven security. In: Proceedings of the 9th International Conference Model Driven Engineering Language and Systems; 2006.Google Scholar
- 16.Mouratidis H, Jürjens J, Fox J. Towards a comprehensive framework for secure systems development. In: Proceedings of the 18th International Conference on Advanced Information Systems Engineering; 2006. p. 48–62. CAiSE, Luxembourg. LNCS, (Eric Dubois, Klaus Pohl, eds.).Google Scholar