Encyclopedia of Database Systems

2018 Edition
| Editors: Ling Liu, M. Tamer Özsu

Secure Database Development

  • Jan JurjensEmail author
  • Eduardo B. Fernandez
Reference work entry
DOI: https://doi.org/10.1007/978-1-4614-8265-9_329


Secure database design; Secure DBMS development


This entry considers how to build secure database system software. In particular, it describes how to build a general-purpose database management system where security is an important design parameter. For the database community, the words secure database design may refer to the schema design to produce a database for a specific application with some level of security properties. There is a large amount of literature on this latter subject and a related entry in this encyclopedia (Database security). This entry concentrates mostly on how to build the software of a DBMS such that it exhibits security properties, which is called secure database development. Both approaches are contrasted so that the reader can decide which one of these problems applies to their specific case but more space is dedicated to the general secure database development problem.

Historical Background

While there is a large number of papers on...

This is a preview of subscription content, log in to check access.

Recommended Reading

  1. 1.
    Bertino E, Sandhu R. Database security – concepts, approaches, and challenges. IEEE Trans Dependable Secur Comput. 2005;2(1):2–19.CrossRefGoogle Scholar
  2. 2.
    Castano S, Fugini M, Martella G, Samarati P. Database security. Addison-Wesley; 1994.Google Scholar
  3. 3.
    Fernandez EB, Gudes E, Song H. A model for evaluation and administration of security in object-oriented databases. IEEE Trans Knowl Database Eng. 1994;6(2):275–92.CrossRefGoogle Scholar
  4. 4.
    Fernandez EB, Summers RC, Wood C. Database security and integrity (Systems Programming Series). Addison-Wesley; 1981.Google Scholar
  5. 5.
    Fugini M. Secure database development methodologies. In: Landwehr CE editor. Database security: status and prospects. Elsevier; 1987. p. 103–29.Google Scholar
  6. 6.
    Fernandez EB, Larrondo-Petrie MM, Sorgente T, VanHilst M. A methodology to develop secure systems using patterns, Chapter V. In: Mouratidis H, Giorgini P, editors. Integrating security and software engineering: advances and future vision. IDEA Press; 2006. p. 107–26.Google Scholar
  7. 7.
    Jürjens J. Secure systems development with UML. New York: Springer; 2004.zbMATHGoogle Scholar
  8. 8.
    Fernández-Medina E, Piattini M. Designing secure databases. Inf Softw Technol. 2005;47(7):463–77.CrossRefGoogle Scholar
  9. 9.
    Ge X, Polack F, Laleau R. Secure databases: an analysis of Clark-Wilson model in a database environment. In: Proceedings of the 16th International Conference on Advanced Information Systems Engineering; 2004. p. 234–47.Google Scholar
  10. 10.
    Jürjens J, Wimmel G. Formally testing fail-safety of electronic purse protocols. In: Proceedings of the 16th IEEE International Conference on Automated Software Engineering; 2001. p. 408–11.Google Scholar
  11. 11.
    Jürjens J, Wimmel G. Security modelling for electronic commerce: the common electronic purse specifications. In: Proceedings of the 1st IFIP Conference on E-Commerce, E-Business, E-Government; 2001. p. 489–506.Google Scholar
  12. 12.
    Fernández-Medina E, Piattini M. Extending OCL for secure database development. In: Proceedings of the International Conference on the Unified Modeling Language; 2004. p. 380–94.Google Scholar
  13. 13.
    Fernández-Medina E, Jürjens J, Trujillo J, Jajodia S. Model-driven development for secure information systems E Fernández-Medina. Inf Softw Technol. 2009;51(5):809–14.CrossRefGoogle Scholar
  14. 14.
    Hafner M, Breu R. Towards a MOF/QVT-based domain architecture for model driven security. In: Proceedings of the 9th International Conference Model Driven Engineering Language and Systems; 2006.Google Scholar
  15. 15.
    Basin DA, Doser J, Lodderstedt T. Model driven security: from UML models to access control infrastructures. ACM Trans Softw Eng Methodol. 2006;15(1):39–91.CrossRefGoogle Scholar
  16. 16.
    Mouratidis H, Jürjens J, Fox J. Towards a comprehensive framework for secure systems development. In: Proceedings of the 18th International Conference on Advanced Information Systems Engineering; 2006. p. 48–62. CAiSE, Luxembourg. LNCS, (Eric Dubois, Klaus Pohl, eds.).Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.The Open UniversityBuckinghamshireUK
  2. 2.Florida Atlantic UniversityBoca RatonUSA

Section editors and affiliations

  • Elena Ferrari
    • 1
  1. 1.DiSTAUniv. of InsubriaVareseItaly